Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-11 | CVE-2018-19168 | OS Command Injection vulnerability in Fruitywifi Project Fruitywifi Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. | 9.8 |
| 2018-11-07 | CVE-2018-19081 | OS Command Injection vulnerability in multiple products An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 9.8 |
| 2018-11-07 | CVE-2018-19073 | OS Command Injection vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 7.2 |
| 2018-11-07 | CVE-2018-19070 | OS Command Injection vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 7.2 |
| 2018-11-02 | CVE-2018-3890 | OS Command Injection vulnerability in Yitechnology YI Home Camera Firmware 1.8.7.0D An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. | 6.8 |
| 2018-11-01 | CVE-2018-10587 | OS Command Injection vulnerability in Netgain-Systems Enterprise Manager NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. | 7.2 |
| 2018-11-01 | CVE-2018-3910 | OS Command Injection vulnerability in Yitechnology YI Home and YI Home Camera Firmware An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. | 8.0 |
| 2018-10-30 | CVE-2018-16462 | OS Command Injection vulnerability in Apex-Publish-Static-Files Project Apex-Publish-Static-Files A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument. | 10.0 |
| 2018-10-30 | CVE-2018-16461 | OS Command Injection vulnerability in Libnmap Project Libnmap A command injection vulnerability in libnmapp package for versions <0.4.16 allows arbitrary commands to be executed via arguments to the range options. | 9.8 |
| 2018-10-30 | CVE-2018-14558 | OS Command Injection vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 9.8 |