Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-06 | CVE-2024-44844 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function. | 8.8 |
2024-09-06 | CVE-2024-44845 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function. | 8.8 |
2024-09-06 | CVE-2023-34974 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
2024-09-06 | CVE-2023-34979 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
2024-09-06 | CVE-2023-39300 | OS Command Injection vulnerability in Qnap QTS An OS command injection vulnerability has been reported to affect legacy QTS. | 7.2 |
2024-09-06 | CVE-2024-21898 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
2024-09-06 | CVE-2024-21906 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 4.7 |
2024-09-05 | CVE-2024-7591 | OS Command Injection vulnerability in Kemptechnologies Loadmaster and Multi-Tenant Hypervisor Firmware Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above | 7.2 |
2024-09-04 | CVE-2024-20469 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2/3.3 A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
2024-09-04 | CVE-2024-43405 | OS Command Injection vulnerability in Projectdiscovery Nuclei Nuclei is a vulnerability scanner powered by YAML based templates. | 7.8 |