Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-12 | CVE-2020-27864 | Command Injection vulnerability in Dlink Dap-1860 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. | 8.8 |
| 2021-02-12 | CVE-2020-27862 | Command Injection vulnerability in Dlink Dsl-2888A Firmware and Dva-2800 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. | 8.8 |
| 2021-02-10 | CVE-2021-27185 | Command Injection vulnerability in Samba-Client Project Samba-Client The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec. | 9.8 |
| 2021-02-09 | CVE-2020-13117 | Command Injection vulnerability in Wavlink Wn575A4 Firmware and Wn579X3 Firmware Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request. | 9.8 |
| 2021-02-08 | CVE-2021-26576 | Command Injection vulnerability in HPE Baseboard Management Controller The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function. | 7.8 |
| 2021-02-08 | CVE-2021-25172 | Command Injection vulnerability in HPE Baseboard Management Controller The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function. | 7.8 |
| 2021-02-03 | CVE-2021-0364 | Command Injection vulnerability in Google Android 10.0/11.0 In mobile_log_d, there is a possible command injection due to improper input validation. | 6.7 |
| 2021-02-03 | CVE-2021-0363 | Command Injection vulnerability in Google Android 10.0/11.0 In mobile_log_d, there is a possible command injection due to a missing bounds check. | 6.7 |
| 2021-02-03 | CVE-2021-0358 | Command Injection vulnerability in Google Android 10.0/11.0 In netdiag, there is a possible command injection due to improper input validation. | 6.7 |
| 2021-02-03 | CVE-2021-0356 | Command Injection vulnerability in Google Android 10.0/11.0 In netdiag, there is a possible command injection due to improper input validation. | 6.7 |