Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-39819 | OS Command Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. | 8.8 |
| 2022-09-13 | CVE-2022-36779 | OS Command Injection vulnerability in multiple products PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301 | 9.8 |
| 2022-09-12 | CVE-2022-37860 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 190531 The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability. | 9.8 |
| 2022-09-09 | CVE-2022-29061 | OS Command Injection vulnerability in Fortinet Fortisoar An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests. | 7.2 |
| 2022-09-08 | CVE-2022-30079 | OS Command Injection vulnerability in Netgear R6200 R6200V2V1.0.3.12 Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. | 8.8 |
| 2022-09-08 | CVE-2022-33941 | OS Command Injection vulnerability in Alfasado Powercms PowerCMS XMLRPC API provided by Alfasado Inc. | 9.8 |
| 2022-09-08 | CVE-2022-35273 | OS Command Injection vulnerability in Allied-Telesis Centrecom Ar260S Firmware OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command. | 8.8 |
| 2022-09-08 | CVE-2022-38094 | OS Command Injection vulnerability in Allied-Telesis Centrecom Ar260S Firmware OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command. | 8.8 |
| 2022-09-08 | CVE-2022-38531 | OS Command Injection vulnerability in FPT G-97Rg3 Firmware and G-97Rg6M Firmware FPT G-97RG6M R4.2.98.035 and G-97RG3 R4.2.43.078 are vulnerable to Remote Command Execution in the ping function. | 8.8 |
| 2022-09-07 | CVE-2022-30078 | OS Command Injection vulnerability in Netgear R6200 Firmware and R6300 Firmware NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters. | 8.8 |