Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-07-04 CVE-2022-33948 OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101/V102
HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server.
low complexity
kddi CWE-78
8.8
2022-07-01 CVE-2022-2185 OS Command Injection vulnerability in Gitlab
A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution.
network
low complexity
gitlab CWE-78
8.8
2022-06-30 CVE-2014-0156 OS Command Injection vulnerability in Manageiq Awesomespawn
Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments.
network
low complexity
manageiq CWE-78
critical
9.8
2022-06-30 CVE-2022-33312 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33313 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33314 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33325 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33326 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33327 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8
2022-06-30 CVE-2022-33328 OS Command Injection vulnerability in Robustel R1510 Firmware 3.3.0
Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0.
network
low complexity
robustel CWE-78
critical
9.8