Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-02-02 CVE-2021-43073 OS Command Injection vulnerability in Fortinet Fortiweb
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
network
low complexity
fortinet CWE-78
8.8
8.8
2022-01-28 CVE-2021-40407 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
7.2
7.2
2022-01-28 CVE-2021-40408 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
critical
 9.8
9.8
2022-01-28 CVE-2021-40409 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
critical
 9.8
9.8
2022-01-28 CVE-2021-40410 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
7.2
7.2
2022-01-28 CVE-2021-40411 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
7.2
7.2
2022-01-28 CVE-2021-40412 OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-78
7.2
7.2
2022-01-28 CVE-2020-28884 OS Command Injection vulnerability in Liferay Portal 7.2/7.3.5
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection.
network
low complexity
liferay CWE-78
7.2
7.2
2022-01-28 CVE-2020-28885 OS Command Injection vulnerability in Liferay Portal 7.2/7.3.5
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection.
network
low complexity
liferay CWE-78
7.2
7.2
2022-01-25 CVE-2021-36295 OS Command Injection vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability.
network
low complexity
dell CWE-78
7.2
7.2