Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2020-8105 | OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. | 7.8 |
| 2021-12-16 | CVE-2021-42912 | OS Command Injection vulnerability in Fiberhome products FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. | 8.8 |
| 2021-12-14 | CVE-2021-44235 | OS Command Injection vulnerability in SAP Netweaver Application Server Abap Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allow an attacker with high privileges and has direct access to SAP System, to inject code when executing with a certain transaction class builder. | 6.7 |
| 2021-12-13 | CVE-2021-39065 | OS Command Injection vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate function . | 9.8 |
| 2021-12-09 | CVE-2021-20138 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. | 8.8 |
| 2021-12-09 | CVE-2021-20139 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. | 8.8 |
| 2021-12-09 | CVE-2021-20140 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controller_server service on Gryphon Tower routers. | 8.8 |
| 2021-12-09 | CVE-2021-20141 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. | 8.8 |
| 2021-12-09 | CVE-2021-20142 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. | 8.8 |
| 2021-12-09 | CVE-2021-20143 | OS Command Injection vulnerability in Gryphonconnect Gryphon Tower Firmware An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. | 8.8 |