Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21874 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21875 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21876 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21877 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21881 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.9
9.9
2021-12-22 CVE-2021-21882 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
8.8
8.8
2021-12-22 CVE-2021-21883 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.9
9.9
2021-12-22 CVE-2021-21884 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21888 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-20 CVE-2020-19316 OS Command Injection vulnerability in Laravel Framework
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17.
network
low complexity
laravel CWE-78
8.8
8.8