Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-10-02 CVE-2023-43892 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings.
network
low complexity
netis-systems CWE-78
critical
 9.8
9.8
2023-10-02 CVE-2023-43893 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function.
network
low complexity
netis-systems CWE-78
critical
 9.8
9.8
2023-10-02 CVE-2023-43890 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page.
network
low complexity
netis-systems CWE-78
8.8
8.8
2023-09-27 CVE-2023-3767 OS Command Injection vulnerability in Easyphp Webserver 14.1
An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1.
network
low complexity
easyphp CWE-78
critical
 9.8
9.8
2023-09-22 CVE-2023-43129 OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-09-22 CVE-2023-43130 OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-09-22 CVE-2022-3874 OS Command Injection vulnerability in multiple products
A command injection flaw was found in foreman.
network
low complexity
redhat theforeman CWE-78
critical
 9.1
9.1
2023-09-22 CVE-2023-23362 OS Command Injection vulnerability in Qnap QTS and Qutscloud
An OS command injection vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap CWE-78
8.8
8.8
2023-09-20 CVE-2023-0118 OS Command Injection vulnerability in multiple products
An arbitrary code execution flaw was found in Foreman.
network
low complexity
theforeman redhat CWE-78
critical
 9.1
9.1
2023-09-19 CVE-2022-47555 OS Command Injection vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware
Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor.
network
low complexity
ormazabal CWE-78
8.8
8.8