Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2020-13378 | OS Command Injection vulnerability in Loadbalancer Enterprise VA MAX 8.3.3/8.3.8 Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code. | 8.8 |
| 2023-05-10 | CVE-2022-29841 | OS Command Injection vulnerability in Westerndigital MY Cloud OS Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system command without sanitizing the read data. | 9.8 |
| 2023-05-10 | CVE-2023-32568 | OS Command Injection vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. | 7.2 |
| 2023-05-09 | CVE-2023-27407 | OS Command Injection vulnerability in Siemens Scalance Lpe9403 Firmware 2.0 A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). | 9.9 |
| 2023-05-05 | CVE-2023-30053 | OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. | 9.8 |
| 2023-05-05 | CVE-2023-30054 | OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. | 9.8 |
| 2023-05-05 | CVE-2023-30013 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102/9.1.0U.6369B20230113 TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. | 9.8 |
| 2023-05-03 | CVE-2023-27999 | OS Command Injection vulnerability in Fortinet Fortiadc 7.1.0/7.1.1/7.2.0 An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 7.8 |
| 2023-05-03 | CVE-2023-25826 | OS Command Injection vulnerability in Opentsdb Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. | 9.8 |
| 2023-05-02 | CVE-2023-29778 | OS Command Injection vulnerability in Gl-Inet Gl-Mt3000 Firmware 4.1.0 GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread. | 9.8 |