Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2022-43628 OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers.
low complexity
dlink CWE-78
6.8
6.8
2023-03-29 CVE-2022-43629 OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers.
low complexity
dlink CWE-78
6.8
6.8
2023-03-29 CVE-2022-43631 OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers.
low complexity
dlink CWE-78
6.8
6.8
2023-03-29 CVE-2022-43632 OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers.
low complexity
dlink CWE-78
6.8
6.8
2023-03-29 CVE-2022-43633 OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers.
low complexity
dlink CWE-78
6.8
6.8
2023-03-28 CVE-2023-27394 OS Command Injection vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01
Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability.
network
low complexity
propumpservice CWE-78
critical
 9.8
9.8
2023-03-28 CVE-2023-27886 OS Command Injection vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability.
network
low complexity
propumpservice CWE-78
critical
 9.8
9.8
2023-03-27 CVE-2023-28102 OS Command Injection vulnerability in Discordrb Project Discordrb
discordrb is an implementation of the Discord API using Ruby.
network
low complexity
discordrb-project CWE-78
critical
 9.6
9.6
2023-03-27 CVE-2023-28627 OS Command Injection vulnerability in Pymedusa Medusa
pymedusa is an automatic video library manager for TV Shows.
network
low complexity
pymedusa CWE-78
8.8
8.8
2023-03-27 CVE-2023-24841 OS Command Injection vulnerability in Hgiga Oaklouds Mailsherlock 4.5
HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input.
network
low complexity
hgiga CWE-78
7.2
7.2