Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-13 | CVE-2023-36642 | OS Command Injection vulnerability in Fortinet Fortitester An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 7.8 |
| 2023-09-10 | CVE-2023-4873 | OS Command Injection vulnerability in Byzoro Smart S45F Firmware 20230822/20230906 A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. | 9.8 |
| 2023-09-07 | CVE-2023-38032 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-38033 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-39236 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-39237 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-38031 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. | 8.8 |
| 2023-09-06 | CVE-2021-36023 | OS Command Injection vulnerability in Magento Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. | 7.2 |
| 2023-09-06 | CVE-2023-41149 | OS Command Injection vulnerability in F-Revocrm 7.3.7/7.3.8 F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. | 9.8 |
| 2023-09-06 | CVE-2023-31188 | OS Command Injection vulnerability in Tp-Link Archer C50 V3 Firmware and Archer C55 Firmware Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |