Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2024-23059 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function. | 9.8 |
| 2024-01-11 | CVE-2024-23060 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function. | 9.8 |
| 2024-01-11 | CVE-2024-23061 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function. | 9.8 |
| 2024-01-11 | CVE-2024-21773 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings. | 8.8 |
| 2024-01-11 | CVE-2024-21821 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands. | 8.0 |
| 2024-01-11 | CVE-2024-21833 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. | 8.8 |
| 2024-01-08 | CVE-2023-35959 | OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. | 7.8 |
| 2024-01-08 | CVE-2023-35960 | OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. | 7.8 |
| 2024-01-08 | CVE-2023-35961 | OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. | 7.8 |
| 2024-01-08 | CVE-2023-35962 | OS Command Injection vulnerability in Tonybybell Gtkwave 3.3.115 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. | 7.8 |