Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-05 | CVE-2017-1253 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 9.9 |
| 2017-07-03 | CVE-2017-8116 | OS Command Injection vulnerability in Teltonika products The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request. | 9.8 |
| 2017-06-29 | CVE-2017-2850 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server. | 8.8 |
| 2017-06-29 | CVE-2017-2849 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during NTP server configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2848 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2847 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2846 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. | 8.8 |
| 2017-06-29 | CVE-2017-2845 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. | 8.8 |
| 2017-06-29 | CVE-2017-2844 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |
| 2017-06-27 | CVE-2017-2843 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |