Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-25 | CVE-2023-40581 | OS Command Injection vulnerability in Yt-Dlp Project Yt-Dlp yt-dlp is a youtube-dl fork with additional features and fixes. | 7.8 |
| 2023-09-22 | CVE-2023-43129 | OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11 D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters. | 9.8 |
| 2023-09-22 | CVE-2023-43130 | OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11 D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection. | 9.8 |
| 2023-09-22 | CVE-2022-3874 | OS Command Injection vulnerability in multiple products A command injection flaw was found in foreman. | 9.1 |
| 2023-09-22 | CVE-2023-23362 | OS Command Injection vulnerability in Qnap QTS and Qutscloud An OS command injection vulnerability has been reported to affect QNAP operating systems. | 8.8 |
| 2023-09-20 | CVE-2023-0118 | OS Command Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |
| 2023-09-19 | CVE-2022-47555 | OS Command Injection vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor. | 8.8 |
| 2023-09-18 | CVE-2023-35850 | OS Command Injection vulnerability in Sun.Net Wmpro 5.0 SUNNET WMPro portal's file management function has a vulnerability of insufficient filtering for user input. | 7.2 |
| 2023-09-15 | CVE-2023-28614 | OS Command Injection vulnerability in Freewillsolutions Smart Trade 20.01.01.04 Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters to a report page. | 9.8 |
| 2023-09-13 | CVE-2022-35849 | OS Command Injection vulnerability in Fortinet Fortiadc An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 8.8 |