Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-05 | CVE-2023-20021 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2 Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
| 2023-04-04 | CVE-2023-26921 | OS Command Injection vulnerability in Quectel Ag550Qcn Firmware OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd. | 9.8 |
| 2023-03-31 | CVE-2023-28726 | OS Command Injection vulnerability in Panasonic Aiseg2 Firmware 2.80F/2.93A Panasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to execute arbitrary OS commands. | 8.8 |
| 2023-03-29 | CVE-2022-43643 | OS Command Injection vulnerability in Dlink Dir-825/Ac Firmware and Dir-825/Ee Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. | 8.8 |
| 2023-03-29 | CVE-2022-43646 | OS Command Injection vulnerability in Dlink Dir-825/Ac Firmware and Dir-825/Ee Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. | 8.8 |
| 2023-03-29 | CVE-2022-43633 | OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. | 6.8 |
| 2023-03-28 | CVE-2023-27394 | OS Command Injection vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. | 9.8 |
| 2023-03-28 | CVE-2023-27886 | OS Command Injection vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. | 9.8 |
| 2023-03-27 | CVE-2018-25083 | OS Command Injection vulnerability in Pull IT Project Pull IT The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name. | 9.8 |
| 2023-03-24 | CVE-2022-28495 | OS Command Injection vulnerability in Totolink Cp900 Firmware 6.3C.566B20171026 TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. | 9.8 |