Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-3991 | OS Command Injection vulnerability in Freshtomato 2023.3 An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of FreshTomato 2023.3. | 9.8 |
| 2023-10-16 | CVE-2023-45158 | OS Command Injection vulnerability in Web2Py An OS command injection vulnerability exists in web2py 2.24.1 and earlier. | 9.8 |
| 2023-10-13 | CVE-2023-32976 | OS Command Injection vulnerability in Qnap Container Station An OS command injection vulnerability has been reported to affect Container Station. | 7.2 |
| 2023-10-13 | CVE-2023-45467 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings. | 9.8 |
| 2023-10-11 | CVE-2023-27380 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-11 | CVE-2023-28381 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-11 | CVE-2023-34356 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-11 | CVE-2023-35193 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-11 | CVE-2023-35194 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-10 | CVE-2022-22298 | OS Command Injection vulnerability in Fortinet Fortiisolator A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiIsolator version 1.0.0, FortiIsolator version 1.1.0, FortiIsolator version 1.2.0 through 1.2.2, FortiIsolator version 2.0.0 through 2.0.1, FortiIsolator version 2.1.0 through 2.1.2, FortiIsolator version 2.2.0, FortiIsolator version 2.3.0 through 2.3.4 allows attacker to execute arbitrary OS commands in the underlying shell via specially crafted input parameters. | 7.8 |