Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-20273 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. | 7.2 |
| 2023-10-23 | CVE-2023-33839 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-10-23 | CVE-2023-43066 | OS Command Injection vulnerability in Dell products Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. | 7.8 |
| 2023-10-22 | CVE-2023-46306 | OS Command Injection vulnerability in Netmodule Router Software The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter. | 6.6 |
| 2023-10-21 | CVE-2023-5684 | OS Command Injection vulnerability in Byzoro Smart S85F Firmware 20231010 A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. | 9.8 |
| 2023-10-21 | CVE-2023-5683 | OS Command Injection vulnerability in Byzoro Smart S85F Firmware 20231010 A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. | 9.8 |
| 2023-10-20 | CVE-2023-46117 | OS Command Injection vulnerability in Six2Dez Reconftw reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. | 8.8 |
| 2023-10-20 | CVE-2023-23373 | OS Command Injection vulnerability in Qnap Qusbcam2 2.0.0 An OS command injection vulnerability has been reported to affect QUSBCam2. | 8.8 |
| 2023-10-19 | CVE-2023-40145 | OS Command Injection vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. | 8.8 |
| 2023-10-17 | CVE-2023-43959 | OS Command Injection vulnerability in Yealink Sip-T19P-E2 Firmware 53.84.0.15 An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component. | 8.8 |