Fortinet closes brute-force and command injection flaws in FortiWeb & Co.

Fortinet closes flaws in FortiWeb and FortiManager, allowing command injection, among other things. FortiGate firewalls were ...
Bleeping Computer

CISA urges devs to weed out OS command injection vulnerabilities

CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. Velvet Ant, the Chinese state-sponsored threat ...
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...
Bleeping Computer

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...
SecurityWeek

Zyxel Patches Critical Vulnerability in Many Device Models

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.

Zyxel warns over a dozen routers affected by critical security flaw

Zyxel fixes a handful of worrying router flaws ...
CSO Online

VMware fixes command injection flaw in Aria Operations

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.
SDxCentral

Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

Palo Alto Networks has released workaround guidance for a command injection vulnerability (CVE-2024-3400) affecting PAN-OS versions 10.2, 11.0, and 11.1. Palo Alto Networks has reported active ...