Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-30 | CVE-2023-27988 | OS Command Injection vulnerability in Zyxel Nas326 Firmware, Nas540 Firmware and Nas542 Firmware The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely. | 7.2 |
| 2023-05-29 | CVE-2023-30253 | OS Command Injection vulnerability in Dolibarr Erp/Crm Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data. | 8.8 |
| 2023-05-26 | CVE-2023-31128 | OS Command Injection vulnerability in Nextcloud Cookbook NextCloud Cookbook is a recipe library app. | 8.8 |
| 2023-05-23 | CVE-2023-33617 | OS Command Injection vulnerability in Eparks Fiberlink 210 Firmware 2.1.14X000 An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter. | 7.2 |
| 2023-05-23 | CVE-2023-27514 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-27521 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-28392 | OS Command Injection vulnerability in Inaba products Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow an authenticated user with an administrative privilege to execute an arbitrary OS command. | 7.2 |
| 2023-05-23 | CVE-2023-28394 | OS Command Injection vulnerability in Beekeeperstudio Beekeeper-Studio Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. | 8.8 |
| 2023-05-19 | CVE-2023-31756 | OS Command Injection vulnerability in Tp-Link Archer Vr1600V Firmware 0.1.00.9.1V5006.0Build200810Rel.53181N A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. | 6.7 |
| 2023-05-18 | CVE-2023-20163 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |