Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-19 | CVE-2017-5173 | OS Command Injection vulnerability in Geutebrueck IP Camera G-Cam Efd-2250 Firmware 1.11.0.12 An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. | 9.8 |
| 2017-05-05 | CVE-2017-8799 | OS Command Injection vulnerability in Irods 4.1.10/4.2.0 Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. | 9.8 |
| 2017-05-04 | CVE-2017-8768 | OS Command Injection vulnerability in Atlassian Sourcetree Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. | 9.8 |
| 2017-04-29 | CVE-2017-7981 | OS Command Injection vulnerability in multiple products Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. | 8.8 |
| 2017-04-28 | CVE-2017-2152 | OS Command Injection vulnerability in Buffalo INC Wnc01Wh Firmware 1.0.0.9 WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2017-04-28 | CVE-2017-2141 | OS Command Injection vulnerability in Iodata Wn-G300R3 Firmware 1.01/1.03 WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2017-04-28 | CVE-2017-2128 | OS Command Injection vulnerability in Information-Technology Promotion Agency Introduction to Safe Website Operation Security guide for website operators allows remote attackers to execute arbitrary OS commands via specially crafted saved data. | 8.8 |
| 2017-04-28 | CVE-2017-2112 | OS Command Injection vulnerability in Iodata products TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2017-04-28 | CVE-2017-2096 | OS Command Injection vulnerability in Smalruby Smalruby-Editor smalruby-editor v0.4.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2017-04-25 | CVE-2017-8220 | OS Command Injection vulnerability in Tp-Link C20I Firmware and C2 Firmware TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data. | 9.9 |