Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-02 | CVE-2017-2281 | OS Command Injection vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2017-08-02 | CVE-2016-7844 | OS Command Injection vulnerability in Gigaccsecure Gigacc Office 2.3 GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template. | 5.5 |
| 2017-08-01 | CVE-2017-11381 | OS Command Injection vulnerability in Trendmicro Deep Discovery Director 1.1 A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console. | 9.8 |
| 2017-07-31 | CVE-2017-9483 | OS Command Injection vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processor (AP) Linux system via shell metacharacters in commands. | 9.8 |
| 2017-07-25 | CVE-2017-11566 | OS Command Injection vulnerability in Appsec-Labs Appuse 4.0 AppUse 4.0 allows shell command injection via a proxy field. | 7.8 |
| 2017-07-25 | CVE-2015-2280 | OS Command Injection vulnerability in Airlink101 Skyipcam1620W Wireless N Mpeg4 3Gpp Firmware 1.1.01220120709 snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter. | 8.8 |
| 2017-07-25 | CVE-2015-2279 | OS Command Injection vulnerability in Airlive products cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an "&" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter. | 9.8 |
| 2017-07-24 | CVE-2017-11588 | OS Command Injection vulnerability in Cisco Residential Gateway Firmware Ddr2200Bnaannexafccv00.00.03.45.4E/Ddr2201V1Naannexafccv00.00.03.28.3 On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is remote command execution via shell metacharacters in the pingAddr parameter to the waitPingqry.cgi URI. | 9.8 |
| 2017-07-22 | CVE-2017-2275 | OS Command Injection vulnerability in Sony Wg-C10 Firmware 3.0.79 WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2017-07-18 | CVE-2017-6320 | OS Command Injection vulnerability in Barracuda Load Balancer ADC A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. | 8.8 |