Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-06 | CVE-2023-39224 | OS Command Injection vulnerability in Tp-Link Archer C7 Firmware 180114 Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-39935 | OS Command Injection vulnerability in Tp-Link Archer C5400 Firmware Archer C5400 firmware versions prior to 'Archer C5400(JP)_V2_230506' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40193 | OS Command Injection vulnerability in Tp-Link Deco M4 Firmware Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40357 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40531 | OS Command Injection vulnerability in Tp-Link Archer Ax6000 Firmware Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-05 | CVE-2015-2201 | OS Command Injection vulnerability in multiple products Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users. | 7.2 |
| 2023-08-30 | CVE-2023-40837 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. | 9.8 |
| 2023-08-30 | CVE-2023-40838 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability. | 9.8 |
| 2023-08-30 | CVE-2023-40839 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. | 9.8 |
| 2023-08-28 | CVE-2023-41109 | OS Command Injection vulnerability in Patton Smartnode Sn200 Firmware 2.21.122041/3.21.223021 SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection. | 9.8 |