Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-36548 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.
network
low complexity
fortinet CWE-78
critical
9.8
2023-10-10 CVE-2023-36549 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.
network
low complexity
fortinet CWE-78
critical
9.8
2023-10-10 CVE-2023-36550 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.
network
low complexity
fortinet CWE-78
critical
9.8
2023-10-10 CVE-2023-41838 OS Command Injection vulnerability in Fortinet Fortianalyzer and Fortimanager
An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow attacker to execute unauthorized code or commands via FortiManager cli.
local
low complexity
fortinet CWE-78
7.1
2023-10-10 CVE-2023-42788 OS Command Injection vulnerability in Fortinet Fortianalyzer and Fortimanager
An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local attacker with low privileges to execute unauthorized code via specifically crafted arguments to a CLI command
local
low complexity
fortinet CWE-78
6.7
2023-10-10 CVE-2023-30805 OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall 8.0.17
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability.
network
low complexity
sangfor CWE-78
critical
9.8
2023-10-10 CVE-2023-30806 OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall Ngaf8.0.17
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability.
network
low complexity
sangfor CWE-78
critical
9.8
2023-10-05 CVE-2023-43069 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI.
local
low complexity
dell CWE-78
7.8
2023-10-05 CVE-2023-4401 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command.
network
low complexity
dell CWE-78
8.8
2023-10-04 CVE-2023-36618 OS Command Injection vulnerability in Unify Session Border Controller 10R3.01.03
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users.
network
low complexity
unify CWE-78
8.8