Total
4696 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0628 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. | ||||
| CVE-2018-0627 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter. | ||||
| CVE-2018-0626 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter. | ||||
| CVE-2018-0625 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter. | ||||
| CVE-2018-0569 | 1 Basercms | 1 Basercms | 2024-11-21 | N/A |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0556 | 1 Buffalo | 2 Wzr-1750dhp2, Wzr-1750dhp2 Firmware | 2024-11-21 | N/A |
| Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0545 | 1 Lxr Project | 1 Lxr | 2024-11-21 | N/A |
| LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0539 | 1 Qqq Systems Project | 1 Qqq Systems | 2024-11-21 | N/A |
| QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2018-0523 | 1 Buffalo | 2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware | 2024-11-21 | N/A |
| Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0514 | 1 Futomi | 1 Mp Form Mail Cgi | 2024-11-21 | N/A |
| MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0512 | 1 Iodata | 90 Bx-vp1, Bx-vp1 Firmware, Gv-ntx1 and 87 more | 2024-11-21 | N/A |
| Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2018-0506 | 1 Nootka Project | 1 Nootka | 2024-11-21 | N/A |
| Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2017-9274 | 1 Opensuse | 1 Obs-service-source Validator | 2024-11-21 | N/A |
| A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs. | ||||
| CVE-2017-7640 | 1 Qnap | 2 Media Streaming Add-on, Qts | 2024-11-21 | N/A |
| QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges. | ||||
| CVE-2017-7637 | 1 Qnap | 1 Nas Proxy Server | 2024-11-21 | N/A |
| QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges. | ||||
| CVE-2017-6230 | 1 Ruckuswireless | 2 Smartzone Managed Access Point Firmware, Solo Access Point Firmware | 2024-11-21 | N/A |
| Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems. | ||||
| CVE-2017-6229 | 1 Ruckuswireless | 30 H320, H320 Firmware, H510 and 27 more | 2024-11-21 | N/A |
| Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. | ||||
| CVE-2017-3936 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | N/A |
| OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format output. | ||||
| CVE-2017-2873 | 1 Foscam | 2 C1, C1 Firmware | 2024-11-21 | 7.2 High |
| An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. | ||||
| CVE-2017-18858 | 1 Netgear | 20 M4200-10mg-poe\+, M4200-10mg-poe\+ Firmware, M4300-12x12f and 17 more | 2024-11-21 | 9.8 Critical |
| Certain NETGEAR devices are affected by command execution. This affects M4200-10MG-POE+ 12.0.2.11 and earlier, M4300-28G 12.0.2.11 and earlier, M4300-52G 12.0.2.11 and earlier, M4300-28G-POE+ 12.0.2.11 and earlier, M4300-52G-POE+ 12.0.2.11 and earlier, M4300-8X8F 12.0.2.11 and earlier, M4300-12X12F 12.0.2.11 and earlier, M4300-24X24F 12.0.2.11 and earlier, M4300-24X 12.0.2.11 and earlier, and M4300-48X 12.0.2.11 and earlier. | ||||