Dark Reading

CISA, FBI Warn of OS Command-Injection Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a critical alert urging software developers to focus on removing weaknesses that allow unauthorized users to run ...
The Hacker News

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

Command injection attacks on Array AG gateways exploiting DesktopDirect since Aug 2025 prompt JPCERT to urge fast patching.
Bleeping Computer

Latest Command Injection news

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...
Network World

Cisco IoT wireless access points hit by severe command injection flaw

Cisco’s Ultra-Reliable Wireless Backhaul (URWB) hardware has been hit with a hard-to-ignore flaw that could allow attackers to hijack the access points’ web interface using a crafted HTTP request.
Ars Technica

Zyxel silently patches command-injection vulnerability with 9.8 severity rating

Hardware manufacturer Zyxel quietly released an update fixing a critical vulnerability that gives hackers the ability to control tens of thousands of firewall devices remotely. The vulnerability, ...
Bleeping Computer

Zyxel warns of critical command injection flaw in NAS devices

Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability. The newly discovered vulnerability, ...