Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-43387 | OS Command Injection vulnerability in Phoenixcontact products A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices. | 8.8 |
| 2024-09-10 | CVE-2024-7699 | OS Command Injection vulnerability in Phoenixcontact products An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data. | 8.8 |
| 2024-09-10 | CVE-2024-6342 | **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542 firmware versions through V5.21(ABAG.15)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. | 9.8 |
| 2024-09-08 | CVE-2024-8574 | OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.861B20230220 A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 and classified as critical. | 8.8 |
| 2024-09-06 | CVE-2024-44844 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function. | 8.8 |
| 2024-09-06 | CVE-2024-44845 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function. | 8.8 |
| 2024-09-06 | CVE-2023-34974 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
| 2024-09-06 | CVE-2023-34979 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-09-06 | CVE-2023-39300 | OS Command Injection vulnerability in Qnap QTS An OS command injection vulnerability has been reported to affect legacy QTS. | 7.2 |
| 2024-09-06 | CVE-2024-21898 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |