Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-33617 | OS Command Injection vulnerability in Eparks Fiberlink 210 Firmware 2.1.14X000 An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter. | 7.2 |
| 2023-05-23 | CVE-2023-23693 | OS Command Injection vulnerability in Dell Vxrail Hyperconverged Infrastructure Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. | 8.2 |
| 2023-05-23 | CVE-2023-23694 | OS Command Injection vulnerability in Dell Vxrail Hyperconverged Infrastructure Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. | 7.8 |
| 2023-05-23 | CVE-2023-27514 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-27521 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-28392 | OS Command Injection vulnerability in Inaba products Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow an authenticated user with an administrative privilege to execute an arbitrary OS command. | 7.2 |
| 2023-05-23 | CVE-2023-28394 | OS Command Injection vulnerability in Beekeeperstudio Beekeeper-Studio Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. | 8.8 |
| 2023-05-22 | CVE-2023-32350 | OS Command Injection vulnerability in Teltonika-Networks products Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. | 8.8 |
| 2023-05-19 | CVE-2023-31756 | OS Command Injection vulnerability in Tp-Link Archer Vr1600V Firmware 0.1.00.9.1V5006.0Build200810Rel.53181N A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. | 6.7 |
| 2023-05-18 | CVE-2023-20163 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |