Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-37070 | OS Command Injection vulnerability in H3C Gr-1200W Firmware H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. | 9.8 |
| 2022-08-25 | CVE-2022-37076 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | 7.8 |
| 2022-08-24 | CVE-2022-2234 | OS Command Injection vulnerability in Myscada Mypro An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system. | 8.8 |
| 2022-08-24 | CVE-2022-36633 | OS Command Injection vulnerability in Goteleport Teleport Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. | 8.8 |
| 2022-08-24 | CVE-2022-38132 | OS Command Injection vulnerability in Linksys Mr8300 Firmware 1.0 Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. | 8.8 |
| 2022-08-23 | CVE-2022-1513 | OS Command Injection vulnerability in Lenovo Pcmanager A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. | 8.8 |
| 2022-08-23 | CVE-2021-42232 | OS Command Injection vulnerability in Tp-Link Archer A7 Firmware 210519 TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. | 9.8 |
| 2022-08-18 | CVE-2022-37061 | OS Command Injection vulnerability in Flir AX8 Firmware All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. | 9.8 |
| 2022-08-17 | CVE-2022-1410 | OS Command Injection vulnerability in Device42 Cmdb OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. | 8.8 |
| 2022-08-16 | CVE-2022-36273 | OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21Cn Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. | 9.8 |