Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-08 | CVE-2018-1239 | OS Command Injection vulnerability in Dell products Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. | 7.2 |
| 2018-05-04 | CVE-2018-10562 | OS Command Injection vulnerability in Dasannetworks Gpon Router Firmware An issue was discovered on Dasan GPON home routers. | 9.8 |
| 2018-05-01 | CVE-2017-17020 | OS Command Injection vulnerability in Dlink products On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system. | 8.8 |
| 2018-04-26 | CVE-2018-10431 | OS Command Injection vulnerability in D-Link Dir-615 Firmware 2.5.17 D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | 7.2 |
| 2018-04-24 | CVE-2018-3836 | OS Command Injection vulnerability in multiple products An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. | 7.8 |
| 2018-04-19 | CVE-2018-1144 | OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | 9.8 |
| 2018-04-19 | CVE-2018-1143 | OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi. | 9.8 |
| 2018-04-19 | CVE-2018-1167 | OS Command Injection vulnerability in Spotify 1.0.69.336 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Spotify Music Player 1.0.69.336. | 8.8 |
| 2018-04-18 | CVE-2018-8735 | OS Command Injection vulnerability in Nagios XI Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection. | 8.8 |
| 2018-04-11 | CVE-2017-14459 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). | 9.8 |