Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-2486 OS Command Injection vulnerability in Wavlink Wl-Wn535K2 Firmware and Wl-Wn535K3 Firmware
A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3.
network
low complexity
wavlink CWE-78
critical
9.8
2022-07-20 CVE-2022-2487 OS Command Injection vulnerability in Wavlink Wl-Wn535K2 Firmware and Wl-Wn535K3 Firmware
A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical.
network
low complexity
wavlink CWE-78
critical
9.8
2022-07-20 CVE-2022-2488 OS Command Injection vulnerability in Wavlink Wl-Wn535K2 Firmware and Wl-Wn535K3 Firmware
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical.
network
low complexity
wavlink CWE-78
critical
9.8
2022-07-19 CVE-2022-34538 OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi.
network
low complexity
dw CWE-78
8.8
2022-07-19 CVE-2022-34539 OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi.
network
low complexity
dw CWE-78
8.8
2022-07-19 CVE-2022-34540 OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi.
network
low complexity
dw CWE-78
8.8
2022-07-19 CVE-2022-27373 OS Command Injection vulnerability in Phicomm Fir303B Firmware
Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function.
network
low complexity
phicomm CWE-78
8.8
2022-07-19 CVE-2022-27483 OS Command Injection vulnerability in Fortinet Fortianalyzer and Fortimanager
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 through 7.0.3, version 6.4.0 through 6.4.7, 6.2.x and 6.0.x allows attacker to execute arbitrary shell code as `root` user via `diagnose system` CLI commands.
network
low complexity
fortinet CWE-78
7.2
2022-07-18 CVE-2022-33891 OS Command Injection vulnerability in Apache Spark
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.
network
low complexity
apache CWE-78
8.8
2022-07-17 CVE-2022-26481 OS Command Injection vulnerability in Poly products
An issue was discovered in Poly Studio before 3.7.0.
network
low complexity
poly CWE-78
8.8