Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-02 | CVE-2018-12577 | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16 The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. | 8.8 |
| 2018-06-29 | CVE-2018-12465 | OS Command Injection vulnerability in Microfocus Secure Messaging Gateway An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. | 7.2 |
| 2018-06-29 | CVE-2018-12972 | OS Command Injection vulnerability in Opentsdb 2.3.0 An issue was discovered in OpenTSDB 2.3.0. | 9.8 |
| 2018-06-28 | CVE-2018-11510 | OS Command Injection vulnerability in Asustor ADM The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter. | 9.8 |
| 2018-06-26 | CVE-2018-4860 | OS Command Injection vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 7.2 |
| 2018-06-26 | CVE-2018-4859 | OS Command Injection vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 7.2 |
| 2018-06-26 | CVE-2018-10660 | OS Command Injection vulnerability in Axis products An issue was discovered in multiple models of Axis IP Cameras. | 9.8 |
| 2018-06-26 | CVE-2018-0569 | OS Command Injection vulnerability in Basercms baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2018-06-23 | CVE-2018-12692 | OS Command Injection vulnerability in Tp-Link Tl-Wa850Re Firmware TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json. | 8.8 |
| 2018-06-21 | CVE-2018-0306 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.8 |