Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-30 | CVE-2022-34374 | OS Command Injection vulnerability in Dell Container Storage Modules Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. | 8.8 |
2022-08-30 | CVE-2022-37149 | OS Command Injection vulnerability in Wavlink Wl-Wn575A3 Firmware Rpt75A3.V4300.201217 WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. | 9.8 |
2022-08-29 | CVE-2022-38511 | OS Command Injection vulnerability in Totolink A810R Firmware 5.9C.4050B20190424 TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi. | 7.8 |
2022-08-28 | CVE-2022-37056 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main, | 9.8 |
2022-08-28 | CVE-2022-37057 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. | 9.8 |
2022-08-25 | CVE-2022-31499 | OS Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. | 9.8 |
2022-08-25 | CVE-2022-20865 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 6.7 |
2022-08-25 | CVE-2022-36455 | OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. | 7.8 |
2022-08-25 | CVE-2022-37079 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | 7.8 |
2022-08-25 | CVE-2022-37081 | OS Command Injection vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. | 7.8 |