Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-23 | CVE-2022-1513 | OS Command Injection vulnerability in Lenovo Pcmanager A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. | 8.8 |
| 2022-08-23 | CVE-2021-42232 | OS Command Injection vulnerability in Tp-Link Archer A7 Firmware 210519 TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. | 9.8 |
| 2022-08-18 | CVE-2022-37061 | OS Command Injection vulnerability in Flir AX8 Firmware All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. | 9.8 |
| 2022-08-17 | CVE-2022-1410 | OS Command Injection vulnerability in Device42 Cmdb OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. | 8.8 |
| 2022-08-16 | CVE-2022-36273 | OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21Cn Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. | 9.8 |
| 2022-08-16 | CVE-2022-36381 | OS Command Injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP 001 Firmware OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2022-08-16 | CVE-2022-36309 | OS Command Injection vulnerability in Airspan Airvelocity 1500 Firmware 15.18.00.2511/9.3.0.01249 Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a root command injection vulnerability in the ActiveBank parameter of the recoverySubmit.cgi script running on the eNodeB's web management UI. | 8.8 |
| 2022-08-12 | CVE-2022-35555 | OS Command Injection vulnerability in Tenda W6 Firmware 1.0.0.9(4122) A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. | 9.8 |
| 2022-08-10 | CVE-2022-20827 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 10.0 |
| 2022-08-05 | CVE-2022-21178 | OS Command Injection vulnerability in TCL Linkhub Mesh Wifi Ac1200 Ms1G0001.0014 An os command injection vulnerability exists in the confsrv ucloud_add_new_node functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. | 9.8 |