Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-16 | CVE-2022-30023 | OS Command Injection vulnerability in Tenda HG9 Firmware 1.0.1 Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. | 8.8 |
| 2022-06-15 | CVE-2022-33140 | OS Command Injection vulnerability in Apache Nifi and Nifi Registry The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. | 8.8 |
| 2022-06-14 | CVE-2022-31311 | OS Command Injection vulnerability in Wavlink Aerial X 1200M Firmware M79X3.V5030.180719 An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. | 9.8 |
| 2022-06-14 | CVE-2022-31446 | OS Command Injection vulnerability in Tendacn Ac18 Firmware 15.03.05.05/15.03.05.19 Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | 9.8 |
| 2022-06-11 | CVE-2021-41738 | OS Command Injection vulnerability in Zeroshell 3.9.5 ZeroShell 3.9.5 has a command injection vulnerability in /cgi-bin/kerbynet IP parameter, which may allow an authenticated attacker to execute system commands. | 8.8 |
| 2022-06-09 | CVE-2019-25065 | OS Command Injection vulnerability in Opennetadmin 18.1.1 A vulnerability was found in OpenNetAdmin 18.1.1. | 9.8 |
| 2022-06-09 | CVE-2019-25066 | OS Command Injection vulnerability in Ajenti 2.1.31 A vulnerability has been found in ajenti 2.1.31 and classified as critical. | 8.8 |
| 2022-06-09 | CVE-2022-1986 | OS Command Injection vulnerability in Gogs OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9. | 9.8 |
| 2022-06-09 | CVE-2022-29013 | OS Command Injection vulnerability in Razer Sila Firmware 2.0.441Api2.0.418 A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request. | 9.8 |
| 2022-06-08 | CVE-2022-1703 | OS Command Injection vulnerability in Sonicwall products Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack. | 8.8 |