Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2022-38066 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
2023-01-26 CVE-2022-40220 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
2023-01-26 CVE-2022-40222 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-40969 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
2023-01-26 CVE-2022-42490 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42491 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42492 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42493 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2023-24422 OS Command Injection vulnerability in Jenkins Script Security
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
local
low complexity
jenkins CWE-78
8.8
2023-01-26 CVE-2022-29843 OS Command Injection vulnerability in Westerndigital products
A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user.
network
low complexity
westerndigital CWE-78
critical
9.8