Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-46117 | OS Command Injection vulnerability in Six2Dez Reconftw reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. | 8.8 |
| 2023-10-20 | CVE-2023-23373 | OS Command Injection vulnerability in Qnap Qusbcam2 2.0.0 An OS command injection vulnerability has been reported to affect QUSBCam2. | 8.8 |
| 2023-10-19 | CVE-2023-40145 | OS Command Injection vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. | 8.8 |
| 2023-10-17 | CVE-2023-43959 | OS Command Injection vulnerability in Yealink Sip-T19P-E2 Firmware 53.84.0.15 An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component. | 8.8 |
| 2023-10-16 | CVE-2023-3991 | OS Command Injection vulnerability in Freshtomato 2023.3 An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of FreshTomato 2023.3. | 9.8 |
| 2023-10-16 | CVE-2023-45158 | OS Command Injection vulnerability in Web2Py An OS command injection vulnerability exists in web2py 2.24.1 and earlier. | 9.8 |
| 2023-10-13 | CVE-2023-32976 | OS Command Injection vulnerability in Qnap Container Station An OS command injection vulnerability has been reported to affect Container Station. | 7.2 |
| 2023-10-13 | CVE-2023-45467 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings. | 9.8 |
| 2023-10-11 | CVE-2023-27380 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
| 2023-10-11 | CVE-2023-28381 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |