Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-42139 OS Command Injection vulnerability in Deltaww Dvw-W02W2-E2 Firmware 2.42
Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL.
network
low complexity
deltaww CWE-78
8.8
2022-12-14 CVE-2022-42140 OS Command Injection vulnerability in Deltaww Dx-2100-L1-Cn Firmware 1.5.0.10
Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/net_diagnose.
network
low complexity
deltaww CWE-78
7.2
2022-12-13 CVE-2022-45005 OS Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14(9732)
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.
network
low complexity
ip-com CWE-78
critical
9.8
2022-12-12 CVE-2022-45996 OS Command Injection vulnerability in Tenda W20E Firmware 16.01.0.6(3392)
Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output.
network
low complexity
tenda CWE-78
7.2
2022-12-12 CVE-2022-45043 OS Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.16Cn
Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.
network
low complexity
tenda CWE-78
8.8
2022-12-12 CVE-2022-45977 OS Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.
network
low complexity
tenda CWE-78
8.8
2022-12-12 CVE-2022-37897 OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-78
critical
9.8
2022-12-12 CVE-2022-37898 OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-78
7.2
2022-12-12 CVE-2022-37899 OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-78
7.2
2022-12-12 CVE-2022-37900 OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-78
7.2