Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-41281 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-02-02 | CVE-2023-41282 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-02-01 | CVE-2023-6078 | OS Command Injection vulnerability in 3DS Biovia Materials Studio 2021/2023 An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. | 9.8 |
| 2024-01-30 | CVE-2024-24325 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24326 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24327 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function. | 9.8 |
| 2024-01-30 | CVE-2024-24328 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24329 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24330 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function. | 9.8 |
| 2024-01-30 | CVE-2024-24331 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function. | 9.8 |