Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-09 | CVE-2018-0523 | OS Command Injection vulnerability in Buffalo Wxr-1900Dhp2 Firmware 2.48 Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2018-03-08 | CVE-2018-7890 | OS Command Injection vulnerability in Zohocorp Manageengine Applications Manager A remote code execution issue was discovered in Zoho ManageEngine Applications Manager before 13.6 (build 13640). | 9.8 |
| 2018-03-08 | CVE-2017-7640 | OS Command Injection vulnerability in Qnap Media Streaming Add-On QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges. | 9.8 |
| 2018-03-08 | CVE-2018-0224 | OS Command Injection vulnerability in Cisco Staros 21.3.0.67664/21.5.0 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. | 6.7 |
| 2018-03-08 | CVE-2018-0221 | OS Command Injection vulnerability in Cisco Identity Services Engine A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. | 6.7 |
| 2018-03-08 | CVE-2018-0217 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. | 6.7 |
| 2018-03-08 | CVE-2018-0214 | OS Command Injection vulnerability in Cisco Identity Services Engine 2.1(102.103) A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with the privileges of the local user, aka Command Injection. | 5.3 |
| 2018-03-07 | CVE-2018-1000118 | OS Command Injection vulnerability in Electronjs Electron Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. | 8.8 |
| 2018-03-06 | CVE-2018-6530 | OS Command Injection vulnerability in Dlink products OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. | 9.8 |
| 2018-03-05 | CVE-2018-7664 | OS Command Injection vulnerability in Clip-Bucket Clipbucket An issue was discovered in ClipBucket before 4.0.0 Release 4902. | 9.8 |