Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-11 | CVE-2022-48252 | OS Command Injection vulnerability in Pi.Alert Project Pi.Alert 1.0 The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan.php (scan parameter) OS Command Injection. | 9.8 |
| 2023-01-09 | CVE-2022-43971 | OS Command Injection vulnerability in Linksys Wumc710 Firmware 1.0.00/1.0.01/1.0.02 An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). | 7.2 |
| 2023-01-09 | CVE-2022-43973 | OS Command Injection vulnerability in Linksys Wrt54Gl Firmware 4.30.18.006 An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. | 7.2 |
| 2023-01-06 | CVE-2022-44149 | OS Command Injection vulnerability in Nexxtsolutions Amp300 Firmware 42.103.1.5095/80.103.2.5045 The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. | 8.8 |
| 2023-01-05 | CVE-2022-44877 | OS Command Injection vulnerability in Control-Webpanel Webpanel login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. | 9.8 |
| 2023-01-05 | CVE-2022-43536 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 8.8 |
| 2023-01-05 | CVE-2022-43537 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
| 2023-01-05 | CVE-2022-43538 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
| 2023-01-03 | CVE-2022-35845 | OS Command Injection vulnerability in Fortinet Fortitester Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell. | 8.8 |
| 2023-01-03 | CVE-2022-39947 | OS Command Injection vulnerability in Fortinet Fortiadc A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | 8.8 |