Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-21 | CVE-2023-24261 | OS Command Injection vulnerability in Gl-Inet Gl-E750 Firmware 3.215 A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request. | 7.2 |
2023-06-20 | CVE-2023-33869 | OS Command Injection vulnerability in Enphase Envoy Firmware D7.0.88 Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands. | 9.8 |
2023-06-19 | CVE-2023-27992 | OS Command Injection vulnerability in Zyxel Nas326 Firmware, Nas540 Firmware and Nas542 Firmware The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request. | 9.8 |
2023-06-16 | CVE-2022-48472 | OS Command Injection vulnerability in Huawei Bisheng-Wnm Firmware and Ota-Bisheng Firmware A Huawei printer has a system command injection vulnerability. | 9.8 |
2023-06-15 | CVE-2023-34800 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03 D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main. | 9.8 |
2023-06-15 | CVE-2022-32752 | OS Command Injection vulnerability in IBM Security Directory Suite VA 8.0.1/8.0.1.19 IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
2023-06-13 | CVE-2023-30764 | OS Command Injection vulnerability in Kbdevice products OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. | 9.8 |
2023-06-13 | CVE-2023-31198 | OS Command Injection vulnerability in Inaba products OS command injection vulnerability exists in Wi-Fi AP UNIT allows. | 7.2 |
2023-06-13 | CVE-2023-32548 | OS Command Injection vulnerability in Kingsoft WPS Office 10.8.0.6186 OS command injection vulnerability exists in WPS Office version 10.8.0.6186. | 8.1 |
2023-06-13 | CVE-2023-26210 | OS Command Injection vulnerability in Fortinet Fortiadc Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as `root` user via crafted CLI requests. | 7.8 |