Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-31245 | OS Command Injection vulnerability in Mailcow Mailcow: Dockerized mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. | 8.8 |
| 2022-05-20 | CVE-2021-34111 | OS Command Injection vulnerability in Thecus N4800Eco Firmware Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. | 9.8 |
| 2022-05-18 | CVE-2021-42852 | OS Command Injection vulnerability in Lenovo products A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device. | 8.0 |
| 2022-05-18 | CVE-2022-30105 | OS Command Injection vulnerability in Belkin N300 Firmware 1.00.08 In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. | 9.8 |
| 2022-05-18 | CVE-2022-29516 | OS Command Injection vulnerability in Fujitsu products The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. | 9.8 |
| 2022-05-17 | CVE-2022-1362 | OS Command Injection vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. | 7.3 |
| 2022-05-17 | CVE-2022-23672 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 7.2 |
| 2022-05-17 | CVE-2022-23673 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 7.2 |
| 2022-05-16 | CVE-2022-23667 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 7.2 |
| 2022-05-16 | CVE-2022-23661 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 9.1 |