Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-0185 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.8 |
| 2018-03-28 | CVE-2018-0184 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 6.7 |
| 2018-03-28 | CVE-2018-0183 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 6.7 |
| 2018-03-28 | CVE-2018-0182 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.8 |
| 2018-03-28 | CVE-2018-0176 | OS Command Injection vulnerability in Cisco IOS XE 15.0(5.59)Emd/16.1(0)/16.2(0) Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.8 |
| 2018-03-28 | CVE-2018-0169 | OS Command Injection vulnerability in Cisco IOS 15.0(5.59)Emd Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.8 |
| 2018-03-27 | CVE-2018-1238 | OS Command Injection vulnerability in Dell EMC Scaleio Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). | 7.5 |
| 2018-03-22 | CVE-2018-0539 | OS Command Injection vulnerability in QQQ Systems Project QQQ Systems 2.24 QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors. | 9.8 |
| 2018-03-15 | CVE-2018-6231 | OS Command Injection vulnerability in Trendmicro Smart Protection Server A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. | 9.8 |
| 2018-03-15 | CVE-2018-6222 | OS Command Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system. | 7.8 |