Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-43656
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers befor
CVE-2024-43657
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers befor
CVE-2024-43655
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers befor
CVE-2024-43654
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects all Iochar
CVE-2024-43653
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability  allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers befor
CVE-2024-43651
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC models before version
CVE-2024-43650
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects  firmware
CVE-2024-43649
CRITICAL CVSS 9.3
Find Similar
Authenticated command injection in the filename of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 2412070
CVE-2024-43652
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before
CVE-2024-43648
CRITICAL CVSS 9.3
Find Similar
Command injection in the parameter of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 24120701.
Patch traversal, External Control of File Name or Path vulnerability in Iocharger Home allows deletion of arbitrary files This issue affects Iocharger firmware for AC model before firmware version 25
The CGI script .sh can be used to download any file on the filesystem. This issue affects Iocharger firmware for AC model chargers beforeversion 24120701. Likelihood: High, but credentials
After gaining access to the firmware of a charging station, a file at can be accessed to obtain default credentials that are the same across all Iocharger AC model EV chargers. This issue
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote control over the charging station when an authenticated
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerabili
CVE-2020-8007
CRITICAL CVSS 9.8
Find Similar
The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserv
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3)
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain field
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in +F FS010M versions prior to V2.0.1_1101. If this vulnerability is exploited, an arbitrary OS
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could
Page 1+ Next →