Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-15 | CVE-2022-46631 | OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function. | 9.8 |
| 2022-12-15 | CVE-2022-46634 | OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function. | 9.8 |
| 2022-12-14 | CVE-2022-24377 | OS Command Injection vulnerability in Cycle-Import-Check Project Cycle-Import-Check The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization. | 9.8 |
| 2022-12-14 | CVE-2022-42139 | OS Command Injection vulnerability in Deltaww Dvw-W02W2-E2 Firmware 2.42 Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL. | 8.8 |
| 2022-12-14 | CVE-2022-42140 | OS Command Injection vulnerability in Deltaww Dx-2100-L1-Cn Firmware 1.5.0.10 Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/net_diagnose. | 7.2 |
| 2022-12-13 | CVE-2022-45005 | OS Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14(9732) IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function. | 9.8 |
| 2022-12-12 | CVE-2022-45996 | OS Command Injection vulnerability in Tenda W20E Firmware 16.01.0.6(3392) Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. | 7.2 |
| 2022-12-12 | CVE-2022-45043 | OS Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.16Cn Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set. | 8.8 |
| 2022-12-12 | CVE-2022-45977 | OS Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function. | 8.8 |
| 2022-12-12 | CVE-2022-37897 | OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). | 9.8 |