Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-19 | CVE-2022-47555 | OS Command Injection vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor. | 8.8 |
| 2023-09-15 | CVE-2023-28614 | OS Command Injection vulnerability in Freewillsolutions Smart Trade 20.01.01.04 Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters to a report page. | 9.8 |
| 2023-09-13 | CVE-2022-35849 | OS Command Injection vulnerability in Fortinet Fortiadc An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 8.8 |
| 2023-09-13 | CVE-2023-36642 | OS Command Injection vulnerability in Fortinet Fortitester An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 7.8 |
| 2023-09-06 | CVE-2023-41149 | OS Command Injection vulnerability in F-Revocrm 7.3.7/7.3.8 F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. | 9.8 |
| 2023-09-06 | CVE-2023-31188 | OS Command Injection vulnerability in Tp-Link Archer C50 V3 Firmware and Archer C55 Firmware Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-36489 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. | 8.8 |
| 2023-09-06 | CVE-2023-38563 | OS Command Injection vulnerability in Tp-Link Archer C1200 Firmware and Archer C9 Firmware Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. | 8.8 |
| 2023-09-06 | CVE-2023-38568 | OS Command Injection vulnerability in Tp-Link Archer A10 Firmware 230504 Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands. | 8.8 |
| 2023-09-06 | CVE-2023-38588 | OS Command Injection vulnerability in Tp-Link Archer C3150 Firmware Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |