Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-41642 | OS Command Injection vulnerability in Kujirahand Nadesiko3 OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product. | 9.8 |
| 2022-12-05 | CVE-2022-42496 | OS Command Injection vulnerability in Kujirahand Nadesiko3 OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product. | 9.8 |
| 2022-12-02 | CVE-2022-44930 | OS Command Injection vulnerability in Dlink Dhp-W310Av Firmware 3.10Eu D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. | 9.8 |
| 2022-12-02 | CVE-2022-43325 | OS Command Injection vulnerability in Telosalliance Omnia MPX Node Firmware 1.3.35/1.3.37 An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input. | 9.8 |
| 2022-12-02 | CVE-2022-44928 | OS Command Injection vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03 D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. | 9.8 |
| 2022-12-01 | CVE-2022-3226 | OS Command Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0 An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA. | 7.2 |
| 2022-12-01 | CVE-2022-4257 | OS Command Injection vulnerability in Cdatatec C-Data web Management System A vulnerability was found in C-DATA Web Management System. | 9.8 |
| 2022-12-01 | CVE-2022-4221 | OS Command Injection vulnerability in Asus Nas-M25 Firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7. | 9.8 |
| 2022-12-01 | CVE-2022-45045 | OS Command Injection vulnerability in Xiongmaitech products Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. | 8.8 |
| 2022-11-30 | CVE-2021-4242 | OS Command Injection vulnerability in Sapido products A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. | 8.8 |