Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-16 CVE-2022-23662 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23663 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23664 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23665 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23666 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2021-42897 OS Command Injection vulnerability in Feminer WMS Project Feminer WMS 1.0
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php.
network
low complexity
feminer-wms-project CWE-78
critical
 9.8
9.8
2022-05-13 CVE-2021-42969 OS Command Injection vulnerability in Anaconda Anaconda3 2021.05
Certain Anaconda3 2021.05 are affected by OS command injection.
network
low complexity
anaconda CWE-78
8.8
8.8
2022-05-12 CVE-2022-26007 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.4
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-78
7.2
7.2
2022-05-12 CVE-2022-26042 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-78
8.8
8.8
2022-05-12 CVE-2022-26075 OS Command Injection vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37.
network
low complexity
inhandnetworks CWE-78
8.8
8.8