Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2024-24331 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function. | 9.8 |
| 2024-01-30 | CVE-2024-24332 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24333 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclRules function. | 9.8 |
| 2024-01-29 | CVE-2023-49038 | OS Command Injection vulnerability in Buffalo Ls210D Firmware 1.780.03 Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root. | 7.2 |
| 2024-01-26 | CVE-2023-38317 | OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. | 9.8 |
| 2024-01-26 | CVE-2023-38318 | OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. | 9.8 |
| 2024-01-26 | CVE-2023-38319 | OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. | 9.8 |
| 2024-01-26 | CVE-2023-38323 | OS Command Injection vulnerability in Opennds An issue was discovered in OpenNDS before 10.1.3. | 9.8 |
| 2024-01-24 | CVE-2024-22366 | OS Command Injection vulnerability in Yamaha products Active debug code exists in Yamaha wireless LAN access point devices. | 6.8 |
| 2024-01-24 | CVE-2024-22372 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. | 6.8 |