Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-11 | CVE-2022-45104 | OS Command Injection vulnerability in Dell products Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. | 8.8 |
2023-02-10 | CVE-2023-24816 | OS Command Injection vulnerability in Ipython IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. | 7.0 |
2023-02-10 | CVE-2022-46649 | OS Command Injection vulnerability in Sierrawireless Aleos Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device. | 8.8 |
2023-02-10 | CVE-2022-45699 | OS Command Injection vulnerability in Apsystems Ecu-R Firmware 5203 Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter. | 9.8 |
2023-02-07 | CVE-2022-45768 | OS Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.20 Command Injection vulnerability in Edimax Technology Co., Ltd. | 8.8 |
2023-02-07 | CVE-2022-38547 | OS Command Injection vulnerability in Zyxel products A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands. | 7.2 |
2023-02-02 | CVE-2022-46552 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A53Dbr D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. | 8.8 |
2023-02-01 | CVE-2023-23076 | OS Command Injection vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules. | 9.8 |
2023-02-01 | CVE-2023-23692 | OS Command Injection vulnerability in Dell EMC Data Domain OS Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. | 8.8 |
2023-02-01 | CVE-2022-25906 | OS Command Injection vulnerability in Is-Http2 Project Is-Http2 All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function. | 7.8 |