Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-26156 | OS Command Injection vulnerability in Chromedriver Project Chromedriver Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. | 7.5 |
| 2023-11-08 | CVE-2023-4249 | OS Command Injection vulnerability in Zavio products Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests. | 9.8 |
| 2023-11-03 | CVE-2023-23369 | OS Command Injection vulnerability in Qnap QTS An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 9.8 |
| 2023-11-03 | CVE-2023-41352 | OS Command Injection vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. | 7.2 |
| 2023-11-03 | CVE-2023-41345 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. | 8.8 |
| 2023-11-03 | CVE-2023-41346 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. | 8.8 |
| 2023-11-03 | CVE-2023-41347 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. | 8.8 |
| 2023-11-03 | CVE-2023-41348 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. | 8.8 |
| 2023-11-01 | CVE-2023-20170 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2 A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
| 2023-11-01 | CVE-2023-20175 | OS Command Injection vulnerability in Cisco Identity Services Engine A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 8.8 |