Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-09 | CVE-2017-14477 | OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1 In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. | 9.8 |
| 2018-05-09 | CVE-2017-14476 | OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1 In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. | 9.8 |
| 2018-05-09 | CVE-2017-14475 | OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1 In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. | 9.8 |
| 2018-05-09 | CVE-2017-14474 | OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1 In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. | 9.8 |
| 2018-05-09 | CVE-2018-8866 | OS Command Injection vulnerability in Vecna VGO Firmware 3.0.3.52164 In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could perform command injection. | 8.8 |
| 2018-05-08 | CVE-2018-1239 | OS Command Injection vulnerability in Dell products Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. | 7.2 |
| 2018-05-04 | CVE-2018-10562 | OS Command Injection vulnerability in Dasannetworks Gpon Router Firmware An issue was discovered on Dasan GPON home routers. | 9.8 |
| 2018-05-01 | CVE-2017-17020 | OS Command Injection vulnerability in Dlink products On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system. | 8.8 |
| 2018-04-26 | CVE-2018-10431 | OS Command Injection vulnerability in D-Link Dir-615 Firmware 2.5.17 D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | 7.2 |
| 2018-04-24 | CVE-2018-3836 | OS Command Injection vulnerability in multiple products An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. | 7.8 |