Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-30 | CVE-2020-35792 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-12-30 | CVE-2020-35791 | Command Injection vulnerability in Netgear R7800 Firmware, R8900 Firmware and R9000 Firmware Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.7 |
| 2020-12-30 | CVE-2020-35790 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-12-30 | CVE-2020-35777 | Command Injection vulnerability in Netgear Dgn2200V1 Firmware NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. | 8.4 |
| 2020-12-29 | CVE-2020-25847 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 8.8 |
| 2020-12-27 | CVE-2020-29299 | Command Injection vulnerability in Zyxel products Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. | 7.2 |
| 2020-12-16 | CVE-2020-26273 | Command Injection vulnerability in Linuxfoundation Osquery osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. | 5.2 |
| 2020-12-11 | CVE-2020-24634 | Command Injection vulnerability in Arubanetworks Arubaos An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | 9.8 |
| 2020-12-10 | CVE-2019-7198 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 9.8 |
| 2020-12-01 | CVE-2020-9116 | Command Injection vulnerability in Huawei Fusioncompute 6.5.1/8.0.0 Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. | 7.2 |