Total
4714 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28767 | 1 Zyxel | 44 Usg 20w-vpn, Usg 20w-vpn Firmware, Usg 2200-vpn and 41 more | 2024-11-21 | N/A | 8.8 HIGH |
| The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled. | |||||
| CVE-2023-28742 | 1 F5 | 1 Big-ip Domain Name System | 2024-11-21 | N/A | 7.2 HIGH |
| When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-28704 | 1 Furbo | 2 Dog Camera, Dog Camera Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetooth network with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands or disrupt service. | |||||
| CVE-2023-28702 | 1 Asus | 2 Rt-ac86u, Rt-ac86u Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands, disrupt system or terminate service. | |||||
| CVE-2023-28627 | 1 Pymedusa | 1 Medusa | 2024-11-21 | N/A | 8.3 HIGH |
| pymedusa is an automatic video library manager for TV Shows. In versions prior 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ > advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute arbitrary OS commands as the user running the pymedusa program. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-28614 | 1 Freewillsolutions | 1 Smart Trade | 2024-11-21 | N/A | 9.8 CRITICAL |
| Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters to a report page. | |||||
| CVE-2023-28343 | 1 Apsystems | 2 Energy Communication Unit, Energy Communication Unit Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php. | |||||
| CVE-2023-28102 | 1 Discordrb Project | 1 Discordrb | 2024-11-21 | N/A | 8.3 HIGH |
| discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly exploitable: the exploit requires that some client of the library calls the vulnerable method with user input. However, if unsafe input reaches the library method, then an attacker can execute arbitrary shell commands on the host machine. Full impact will depend on the permissions of the process running the `discordrb` library and will likely not be total system access. This issue has been addressed in code, but a new release of the `discordrb` gem has not been uploaded to rubygems. This issue is also tracked as `GHSL-2022-094`. | |||||
| CVE-2023-28000 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | N/A | 6.7 MEDIUM |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted arguments in diagnose system df CLI command. | |||||
| CVE-2023-27999 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | N/A | 7.8 HIGH |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | |||||
| CVE-2023-27991 | 1 Zyxel | 38 Atp100, Atp100 Firmware, Atp100w and 35 more | 2024-11-21 | N/A | 8.8 HIGH |
| The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely. | |||||
| CVE-2023-27988 | 1 Zyxel | 6 Nas326, Nas326 Firmware, Nas540 and 3 more | 2024-11-21 | N/A | 7.2 HIGH |
| The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely. | |||||
| CVE-2023-27886 | 1 Propumpservice | 2 Osprey Pump Controller, Osprey Pump Controller Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter called by index.php script. | |||||
| CVE-2023-27407 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2024-11-21 | N/A | 9.9 CRITICAL |
| A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user. | |||||
| CVE-2023-27394 | 1 Propumpservice | 2 Osprey Pump Controller, Osprey Pump Controller Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts. | |||||
| CVE-2023-27380 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2023-27198 | 1 Paxtechnology | 2 Pax A930, Pax A930 Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability. | |||||
| CVE-2023-26759 | 1 Smeup | 1 Erp | 2024-11-21 | N/A | 8.8 HIGH |
| Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component. | |||||
| CVE-2023-26613 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL. | |||||
| CVE-2023-26490 | 1 Mailcow | 1 Mailcow\ | 2024-11-21 | N/A | 7.3 HIGH |
| mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to obtain shell access to the Docker container running dovecot. The imapsync Perl script implements all the necessary functionality for this feature, including the XOAUTH2 authentication mechanism. This code path creates a shell command to call openssl. However, since different parts of the specified user password are included without any validation, one can simply execute additional shell commands. Notably, the default ACL for a newly-created mailcow account does not include the necessary permission. The Issue has been fixed within the 2023-03 Update (March 3rd 2023). As a temporary workaround the Syncjob ACL can be removed from all mailbox users, preventing from creating or changing existing Syncjobs. | |||||