Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-41345 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. | 8.8 |
| 2023-11-03 | CVE-2023-41346 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. | 8.8 |
| 2023-11-03 | CVE-2023-41347 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. | 8.8 |
| 2023-11-03 | CVE-2023-41348 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. | 8.8 |
| 2023-11-01 | CVE-2023-20170 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2 A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
| 2023-11-01 | CVE-2023-20175 | OS Command Injection vulnerability in Cisco Identity Services Engine A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 8.8 |
| 2023-10-31 | CVE-2023-43139 | OS Command Injection vulnerability in Franfinance 1.9.0 An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via the validation.php, and controllers/front/validation.php components. | 9.8 |
| 2023-10-30 | CVE-2023-47104 | OS Command Injection vulnerability in Vareille Tiny File Dialogs tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2023-10-26 | CVE-2023-43208 | OS Command Injection vulnerability in Nextgen Mirth Connect NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. | 9.8 |