Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-06-23 CVE-2023-30258 OS Command Injection vulnerability in Magnussolution Magnusbilling
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
network
low complexity
magnussolution CWE-78
critical
9.8
2023-06-22 CVE-2023-35174 OS Command Injection vulnerability in Livebook
Livebook is a web application for writing interactive and collaborative code notebooks.
network
low complexity
livebook CWE-78
critical
9.8
2023-06-21 CVE-2023-24261 OS Command Injection vulnerability in Gl-Inet Gl-E750 Firmware 3.215
A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request.
network
low complexity
gl-inet CWE-78
7.2
2023-06-20 CVE-2023-33869 OS Command Injection vulnerability in Enphase Envoy Firmware D7.0.88
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.
network
low complexity
enphase CWE-78
critical
9.8
2023-06-19 CVE-2023-27992 OS Command Injection vulnerability in Zyxel Nas326 Firmware, Nas540 Firmware and Nas542 Firmware
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
network
low complexity
zyxel CWE-78
critical
9.8
2023-06-16 CVE-2022-48472 OS Command Injection vulnerability in Huawei Bisheng-Wnm Firmware and Ota-Bisheng Firmware
A Huawei printer has a system command injection vulnerability.
network
low complexity
huawei CWE-78
critical
9.8
2023-06-15 CVE-2023-34800 OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.
network
low complexity
dlink CWE-78
critical
9.8
2023-06-15 CVE-2022-32752 OS Command Injection vulnerability in IBM Security Directory Suite VA 8.0.1/8.0.1.19
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
2023-06-13 CVE-2023-30764 OS Command Injection vulnerability in Kbdevice products
OS command injection vulnerability exists in KB-AHR series and KB-IRIP series.
network
low complexity
kbdevice CWE-78
critical
9.8
2023-06-13 CVE-2023-31198 OS Command Injection vulnerability in Inaba products
OS command injection vulnerability exists in Wi-Fi AP UNIT allows.
network
low complexity
inaba CWE-78
7.2