Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-41348 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. | 8.8 |
| 2023-11-01 | CVE-2023-20170 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2 A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
| 2023-11-01 | CVE-2023-20175 | OS Command Injection vulnerability in Cisco Identity Services Engine A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 8.8 |
| 2023-10-31 | CVE-2023-43139 | OS Command Injection vulnerability in Franfinance 1.9.0 An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via the validation.php, and controllers/front/validation.php components. | 9.8 |
| 2023-10-30 | CVE-2023-47104 | OS Command Injection vulnerability in Vareille Tiny File Dialogs tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2023-10-26 | CVE-2023-43208 | OS Command Injection vulnerability in Nextgen Mirth Connect NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. | 9.8 |
| 2023-10-25 | CVE-2023-20273 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. | 7.2 |
| 2023-10-23 | CVE-2023-33839 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-10-23 | CVE-2023-43066 | OS Command Injection vulnerability in Dell products Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. | 7.8 |