Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-28 | CVE-2022-37056 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main, | 9.8 |
| 2022-08-28 | CVE-2022-37057 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. | 9.8 |
| 2022-08-25 | CVE-2022-31499 | OS Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. | 9.8 |
| 2022-08-25 | CVE-2022-20865 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 6.7 |
| 2022-08-25 | CVE-2022-36455 | OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. | 7.8 |
| 2022-08-25 | CVE-2022-37079 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | 7.8 |
| 2022-08-25 | CVE-2022-37081 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. | 7.8 |
| 2022-08-25 | CVE-2022-37082 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost. | 7.8 |
| 2022-08-25 | CVE-2022-37083 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg. | 7.8 |
| 2022-08-25 | CVE-2022-37810 | OS Command Injection vulnerability in Tenda Ac1206 Firmware 15.03.06.23 Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | 9.8 |