CVE-2023-47220

MEDIUM Year: 2023
CVSS v3 Score
6.6
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later

Related Vulnerabilities

CVE-2018-0643

MEDIUM
CVSS:6.6(Medium)

Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via unspecified vect...

CWE-782018

CVE-2019-6013

MEDIUM
CVSS:6.6(Medium)

DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI).

CWE-782019

CVE-2020-7735

MEDIUM
CVSS:6.6(Medium)

The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.

CWE-782020

CVE-2023-46306

MEDIUM
CVSS:6.6(Medium)

The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters ...

CWE-782023

CVE-2024-50569

MEDIUM
CVSS:6.6(Medium)

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb 7.0.0 through 7.6.0 allows attacker to execute unauthorized code or commands via craft...

CWE-782024

CVE-2025-23237

MEDIUM
CVSS:6.6(Medium)

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs in to CLI of the affected product...

CWE-782025