Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-06 | CVE-2021-43033 | OS Command Injection vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 9.8 |
| 2021-12-01 | CVE-2021-20853 | OS Command Injection vulnerability in Elecom Wrh-733Gbk Firmware and Wrh-733Gwh Firmware ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-12-01 | CVE-2021-20854 | OS Command Injection vulnerability in Elecom Wrh-733Gbk Firmware and Wrh-733Gwh Firmware ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-12-01 | CVE-2021-20859 | OS Command Injection vulnerability in Elecom products ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to execute an arbitrary OS command via unspecified vectors. | 8.0 |
| 2021-12-01 | CVE-2021-20863 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attackers to execute an arbitrary OS command with the root privilege via unspecified vectors. | 8.0 |
| 2021-11-30 | CVE-2020-7879 | OS Command Injection vulnerability in Iptime C200 Firmware 1.0.12 This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. | 9.8 |
| 2021-11-30 | CVE-2021-43283 | OS Command Injection vulnerability in Govicture Wr1200 Firmware 1.0.3 An issue was discovered on Victure WR1200 devices through 1.0.3. | 8.8 |
| 2021-11-24 | CVE-2021-20850 | OS Command Injection vulnerability in Alfasado Powercms PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. | 9.8 |
| 2021-11-23 | CVE-2021-42784 | OS Command Injection vulnerability in Dlink Dwr-932C E1 Firmware OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote attacker to perform command injection via a crafted HTTP request. | 9.8 |
| 2021-11-23 | CVE-2021-36313 | OS Command Injection vulnerability in Dell Cloudlink Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. | 7.2 |