Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-27514 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-27521 | OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command. | 8.8 |
| 2023-05-23 | CVE-2023-28392 | OS Command Injection vulnerability in Inaba products Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow an authenticated user with an administrative privilege to execute an arbitrary OS command. | 7.2 |
| 2023-05-23 | CVE-2023-28394 | OS Command Injection vulnerability in Beekeeperstudio Beekeeper-Studio Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. | 8.8 |
| 2023-05-19 | CVE-2023-31756 | OS Command Injection vulnerability in Tp-Link Archer Vr1600V Firmware 0.1.00.9.1V5006.0Build200810Rel.53181N A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. | 6.7 |
| 2023-05-18 | CVE-2023-20163 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |
| 2023-05-18 | CVE-2023-20164 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |
| 2023-05-17 | CVE-2023-24805 | OS Command Injection vulnerability in multiple products cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. | 8.8 |
| 2023-05-12 | CVE-2020-13378 | OS Command Injection vulnerability in Loadbalancer Enterprise VA MAX 8.3.3/8.3.8 Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code. | 8.8 |
| 2023-05-10 | CVE-2022-29841 | OS Command Injection vulnerability in Westerndigital MY Cloud OS Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system command without sanitizing the read data. | 9.8 |