Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2021-0358 | Command Injection vulnerability in Google Android 10.0/11.0 In netdiag, there is a possible command injection due to improper input validation. | 6.7 |
| 2021-02-03 | CVE-2021-0356 | Command Injection vulnerability in Google Android 10.0/11.0 In netdiag, there is a possible command injection due to improper input validation. | 6.7 |
| 2021-02-02 | CVE-2020-8101 | Command Injection vulnerability in ADT Lifeshield DIY HD Video Doorbell Firmware 1.0.02R09 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. | 8.8 |
| 2021-01-20 | CVE-2021-1298 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 8.8 |
| 2021-01-20 | CVE-2021-1263 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |
| 2021-01-20 | CVE-2021-1262 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |
| 2021-01-20 | CVE-2021-1261 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |
| 2021-01-20 | CVE-2021-1260 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |
| 2021-01-20 | CVE-2020-4688 | Command Injection vulnerability in IBM Security Guardium 10.6/11.2 IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. | 7.8 |
| 2021-01-13 | CVE-2020-14102 | Command Injection vulnerability in MI Ax1800 Firmware and Rm1800 Firmware There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. | 7.2 |