Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-21 | CVE-2022-26147 | OS Command Injection vulnerability in Quectel Rg502Q-Ea Firmware The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection. | 9.8 |
| 2022-06-21 | CVE-2022-2068 | OS Command Injection vulnerability in multiple products In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. | 9.8 |
| 2022-06-20 | CVE-2022-31794 | OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1 An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. | 9.8 |
| 2022-06-20 | CVE-2022-31795 | OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1 An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. | 9.8 |
| 2022-06-16 | CVE-2022-30329 | OS Command Injection vulnerability in Trendnet Tew-831Dr Firmware 1.0601.130.1.1356 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. | 9.8 |
| 2022-06-16 | CVE-2022-30023 | OS Command Injection vulnerability in Tenda HG9 Firmware 1.0.1 Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. | 8.8 |
| 2022-06-15 | CVE-2022-33140 | OS Command Injection vulnerability in Apache Nifi and Nifi Registry The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. | 8.8 |
| 2022-06-14 | CVE-2022-31311 | OS Command Injection vulnerability in Wavlink Aerial X 1200M Firmware M79X3.V5030.180719 An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. | 9.8 |
| 2022-06-14 | CVE-2022-31446 | OS Command Injection vulnerability in Tendacn Ac18 Firmware 15.03.05.05/15.03.05.19 Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | 9.8 |
| 2022-06-11 | CVE-2021-41738 | OS Command Injection vulnerability in Zeroshell 3.9.5 ZeroShell 3.9.5 has a command injection vulnerability in /cgi-bin/kerbynet IP parameter, which may allow an authenticated attacker to execute system commands. | 8.8 |