Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2022-22991 | Command Injection vulnerability in Westerndigital MY Cloud OS A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. | 8.8 |
| 2022-01-12 | CVE-2021-42559 | Command Injection vulnerability in Mitre Caldera An issue was discovered in CALDERA 2.8.1. | 8.8 |
| 2022-01-06 | CVE-2021-45456 | Command Injection vulnerability in Apache Kylin 4.0.0 Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. | 9.8 |
| 2022-01-04 | CVE-2021-43711 | Command Injection vulnerability in Totolink Ex200 Firmware 4.0.3C.7646B20201211 The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command injection vulnerability when receiving GET parameters. | 9.8 |
| 2021-12-30 | CVE-2021-20167 | Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. | 8.0 |
| 2021-12-29 | CVE-2021-23727 | Command Injection vulnerability in multiple products This affects the package celery before 5.2.2. | 7.5 |
| 2021-12-26 | CVE-2021-45513 | Command Injection vulnerability in Netgear Xr1000 Firmware 1.0.0.44/1.0.0.50/1.0.0.52 NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-12-26 | CVE-2021-45514 | Command Injection vulnerability in Netgear Xr1000 Firmware 1.0.0.44/1.0.0.50/1.0.0.52 NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2021-12-26 | CVE-2021-45531 | Command Injection vulnerability in Netgear D6220 Firmware NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user. | 8.8 |
| 2021-12-26 | CVE-2021-45532 | Command Injection vulnerability in Netgear R8000 Firmware NETGEAR R8000 devices before 1.0.4.76 are affected by command injection by an authenticated user. | 7.8 |