Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-3368 | OS Command Injection vulnerability in Chamilo Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. | 9.8 |
| 2023-11-27 | CVE-2023-6304 | OS Command Injection vulnerability in Tecno-Mobile Tr118 Firmware Tr118M30Errdenfrarswhapoopv00820220830 A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. | 8.0 |
| 2023-11-20 | CVE-2023-35762 | OS Command Injection vulnerability in Inea ME RTU Firmware 3.36/3.36B Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution. | 9.8 |
| 2023-11-17 | CVE-2023-47675 | OS Command Injection vulnerability in Cubecart CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. | 7.2 |
| 2023-11-16 | CVE-2023-43752 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.0 |
| 2023-11-13 | CVE-2023-5037 | OS Command Injection vulnerability in Hanwhavision products badmonkey, a Security Researcher has found a flaw that allows for a authenticated command injection on the camera. | 7.2 |
| 2023-11-09 | CVE-2023-26156 | OS Command Injection vulnerability in Chromedriver Project Chromedriver Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. | 7.5 |
| 2023-11-08 | CVE-2023-4249 | OS Command Injection vulnerability in Zavio products Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests. | 9.8 |
| 2023-11-03 | CVE-2023-23369 | OS Command Injection vulnerability in Qnap QTS An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 9.8 |
| 2023-11-03 | CVE-2023-41352 | OS Command Injection vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. | 7.2 |