Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2022-27489 | OS Command Injection vulnerability in Fortinet Fortiextender Firmware A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. | 7.2 |
| 2023-02-16 | CVE-2022-30303 | OS Command Injection vulnerability in Fortinet Fortiweb An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions may allow an authenticated attacker to execute arbitrary shell code as `root` user via crafted HTTP requests. | 8.8 |
| 2023-02-16 | CVE-2022-33869 | OS Command Injection vulnerability in Fortinet Fortiwan An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 8.8 |
| 2023-02-16 | CVE-2023-23779 | OS Command Injection vulnerability in Fortinet Fortiweb Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests. | 8.8 |
| 2023-02-16 | CVE-2023-0861 | OS Command Injection vulnerability in Netmodule Router Software NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103. | 8.8 |
| 2023-02-14 | CVE-2023-0830 | OS Command Injection vulnerability in Easynas 1.1.0 A vulnerability classified as critical has been found in EasyNAS 1.1.0. | 8.8 |
| 2023-02-12 | CVE-2023-20076 | OS Command Injection vulnerability in Cisco products A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. | 8.8 |
| 2023-02-11 | CVE-2022-34447 | OS Command Injection vulnerability in Dell Powerpath Management Appliance PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. | 7.2 |
| 2023-02-11 | CVE-2022-45104 | OS Command Injection vulnerability in Dell products Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. | 8.8 |
| 2023-02-10 | CVE-2023-24816 | OS Command Injection vulnerability in Ipython IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. | 7.0 |