Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2023-0861 | OS Command Injection vulnerability in Netmodule Router Software NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103. | 8.8 |
| 2023-02-14 | CVE-2023-0830 | OS Command Injection vulnerability in Easynas 1.1.0 A vulnerability classified as critical has been found in EasyNAS 1.1.0. | 8.8 |
| 2023-02-12 | CVE-2023-20076 | OS Command Injection vulnerability in Cisco products A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. | 8.8 |
| 2023-02-11 | CVE-2022-34447 | OS Command Injection vulnerability in Dell Powerpath Management Appliance PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. | 7.2 |
| 2023-02-11 | CVE-2022-45104 | OS Command Injection vulnerability in Dell products Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. | 8.8 |
| 2023-02-10 | CVE-2023-24816 | OS Command Injection vulnerability in Ipython IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. | 7.0 |
| 2023-02-10 | CVE-2022-46649 | OS Command Injection vulnerability in Sierrawireless Aleos Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device. | 8.8 |
| 2023-02-10 | CVE-2022-45699 | OS Command Injection vulnerability in Apsystems Ecu-R Firmware 5203 Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter. | 9.8 |
| 2023-02-07 | CVE-2022-45768 | OS Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.20 Command Injection vulnerability in Edimax Technology Co., Ltd. | 8.8 |
| 2023-02-07 | CVE-2022-38547 | OS Command Injection vulnerability in Zyxel products A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands. | 7.2 |