Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-07	CVE-2022-32054	OS Command Injection vulnerability in Tenda Ac10 Firmware 15.03.06.26 Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter. network low complexity tenda CWE-78 critical	9.8
2022-07-07	CVE-2022-25048	OS Command Injection vulnerability in Control-Webpanel Webpanel 0.9.8.1126 Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user. network low complexity control-webpanel CWE-78	8.8
2022-07-06	CVE-2022-34595	OS Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.12890 Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status. network low complexity tenda CWE-78 critical	9.8
2022-07-06	CVE-2022-34596	OS Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.12890 Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting. network low complexity tenda CWE-78 critical	9.8
2022-07-06	CVE-2022-34597	OS Command Injection vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting. network low complexity tenda CWE-78 critical	9.8
2022-07-04	CVE-2022-33948	OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101/V102 HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. low complexity kddi CWE-78	8.8
2022-07-01	CVE-2022-2185	OS Command Injection vulnerability in Gitlab A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution. network low complexity gitlab CWE-78	8.8
2022-06-30	CVE-2014-0156	OS Command Injection vulnerability in Manageiq Awesomespawn Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. network low complexity manageiq CWE-78 critical	9.8
2022-06-30	CVE-2022-33312	OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0 Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. network low complexity robustel CWE-78 critical	9.8
2022-06-30	CVE-2022-33313	OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0 Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. network low complexity robustel CWE-78 critical	9.8