Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-48108 OS Command Injection vulnerability in Dlink DIR 878 Firmware 1.30B08
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-01-27 CVE-2022-48069 OS Command Injection vulnerability in Totolink A830R Firmware 4.1.2Cu.5182
Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.
network
low complexity
totolink CWE-78
7.5
7.5
2023-01-27 CVE-2022-48070 OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.534.263
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
local
low complexity
phicomm CWE-78
7.8
7.8
2023-01-27 CVE-2022-48072 OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.3.20
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
local
low complexity
phicomm CWE-78
7.8
7.8
2023-01-26 CVE-2022-38066 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-40220 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-40222 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
 9.8
9.8
2023-01-26 CVE-2022-40969 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-42490 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
 9.8
9.8
2023-01-26 CVE-2022-42491 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
 9.8
9.8