Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-07 | CVE-2019-9118 | OS Command Injection vulnerability in Motorola C1 Firmware and M2 Firmware An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. | 9.8 |
| 2019-03-07 | CVE-2019-9117 | OS Command Injection vulnerability in Motorola C1 Firmware and M2 Firmware An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. | 9.8 |
| 2019-03-06 | CVE-2019-1591 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. | 7.8 |
| 2019-02-28 | CVE-2019-1674 | OS Command Injection vulnerability in Cisco products A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. | 8.8 |
| 2019-02-26 | CVE-2019-9194 | OS Command Injection vulnerability in Std42 Elfinder elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. | 9.8 |
| 2019-02-21 | CVE-2018-20122 | OS Command Injection vulnerability in Fastweb Fastgate Firmware 0.00.47/1.0.1B The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. | 9.8 |
| 2019-02-20 | CVE-2018-15380 | OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)/3.5(1A) A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. | 8.8 |
| 2019-02-18 | CVE-2019-8427 | OS Command Injection vulnerability in Zoneminder daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters. | 9.8 |
| 2019-02-13 | CVE-2019-8319 | OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1 An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. | 8.8 |
| 2019-02-13 | CVE-2019-8318 | OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1 An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. | 8.8 |