Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-19 | CVE-2021-20527 | Command Injection vulnerability in IBM Resilient IBM Resilient SOAR V38.0 could allow a privileged user to create create malicious scripts that could be executed as another user. | 7.2 |
| 2021-04-19 | CVE-2021-20991 | Command Injection vulnerability in Fibaro Home Center 2 Firmware and Home Center Lite Firmware In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability. | 8.8 |
| 2021-04-17 | CVE-2020-2509 | Command Injection vulnerability in Qnap QTS A command injection vulnerability has been reported to affect QTS and QuTS hero. | 9.8 |
| 2021-04-08 | CVE-2021-29154 | Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. | 7.8 |
| 2021-03-29 | CVE-2020-25217 | Command Injection vulnerability in Grandstream products Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection as root in its administrative web interface. | 7.2 |
| 2021-03-25 | CVE-2020-10580 | Command Injection vulnerability in Invigo Automatic Device Management 5.0 A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application. | 8.8 |
| 2021-03-23 | CVE-2021-29079 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29078 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29077 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29076 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |