Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-12 | CVE-2022-37900 | OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2022-12-12 | CVE-2022-37901 | OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2022-12-12 | CVE-2022-37902 | OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2022-12-12 | CVE-2022-37912 | OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 8.8 |
| 2022-12-10 | CVE-2022-45145 | OS Command Injection vulnerability in Call-Cc Chicken egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file. | 9.8 |
| 2022-12-08 | CVE-2022-33186 | OS Command Injection vulnerability in Brocade Fabric Operating System A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. | 9.8 |
| 2022-12-08 | CVE-2022-45497 | OS Command Injection vulnerability in Tenda W6-S Firmware 1.0.0.4(510) Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. | 9.8 |
| 2022-12-08 | CVE-2022-45506 | OS Command Injection vulnerability in Tenda W30E Firmware 1.0.1.25(633) Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. | 9.8 |
| 2022-12-08 | CVE-2022-4364 | OS Command Injection vulnerability in Flir AX8 Firmware A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. | 9.8 |
| 2022-12-07 | CVE-2022-44606 | OS Command Injection vulnerability in Unimo products OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings. | 8.8 |