Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-09 | CVE-2016-7819 | OS Command Injection vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2017-06-09 | CVE-2016-7806 | OS Command Injection vulnerability in Iodata Wfs-Sr01 Firmware 1.10 I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2017-05-24 | CVE-2017-2824 | OS Command Injection vulnerability in Zabbix An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. | 8.1 |
| 2017-05-19 | CVE-2017-5173 | OS Command Injection vulnerability in Geutebrueck IP Camera G-Cam Efd-2250 Firmware 1.11.0.12 An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. | 9.8 |
| 2017-05-05 | CVE-2017-8799 | OS Command Injection vulnerability in Irods 4.1.10/4.2.0 Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. | 9.8 |
| 2017-05-04 | CVE-2017-8768 | OS Command Injection vulnerability in Atlassian Sourcetree Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. | 9.8 |
| 2017-04-29 | CVE-2017-7981 | OS Command Injection vulnerability in multiple products Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. | 8.8 |
| 2017-04-28 | CVE-2017-2152 | OS Command Injection vulnerability in Buffalo INC Wnc01Wh Firmware 1.0.0.9 WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2017-04-28 | CVE-2017-2141 | OS Command Injection vulnerability in Iodata Wn-G300R3 Firmware 1.01/1.03 WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2017-04-28 | CVE-2017-2128 | OS Command Injection vulnerability in Information-Technology Promotion Agency Introduction to Safe Website Operation Security guide for website operators allows remote attackers to execute arbitrary OS commands via specially crafted saved data. | 8.8 |