Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-36548 | OS Command Injection vulnerability in Fortinet Fortiwlm A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters. | 9.8 |
| 2023-10-10 | CVE-2023-36549 | OS Command Injection vulnerability in Fortinet Fortiwlm A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters. | 9.8 |
| 2023-10-10 | CVE-2023-36550 | OS Command Injection vulnerability in Fortinet Fortiwlm A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters. | 9.8 |
| 2023-10-10 | CVE-2023-41838 | OS Command Injection vulnerability in Fortinet Fortianalyzer and Fortimanager An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow attacker to execute unauthorized code or commands via FortiManager cli. | 7.1 |
| 2023-10-10 | CVE-2023-42788 | OS Command Injection vulnerability in Fortinet Fortianalyzer and Fortimanager An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local attacker with low privileges to execute unauthorized code via specifically crafted arguments to a CLI command | 6.7 |
| 2023-10-10 | CVE-2023-30805 | OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall 8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. | 9.8 |
| 2023-10-10 | CVE-2023-30806 | OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall Ngaf8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. | 9.8 |
| 2023-10-05 | CVE-2023-43069 | OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0 Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. | 7.8 |
| 2023-10-05 | CVE-2023-4401 | OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0 Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. | 8.8 |
| 2023-10-04 | CVE-2023-36618 | OS Command Injection vulnerability in Unify Session Border Controller 10R3.01.03 Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users. | 8.8 |