Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-28 | CVE-2021-35032 | OS Command Injection vulnerability in Zyxel products A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call. | 7.8 |
| 2021-12-26 | CVE-2021-45602 | OS Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 7.8 |
| 2021-12-23 | CVE-2021-3621 | OS Command Injection vulnerability in multiple products A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. | 8.8 |
| 2021-12-23 | CVE-2021-4144 | OS Command Injection vulnerability in Tp-Link Tl-Wr802N Firmware TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection. | 8.8 |
| 2021-12-22 | CVE-2021-21872 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. | 9.9 |
| 2021-12-22 | CVE-2021-21873 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. | 9.1 |
| 2021-12-22 | CVE-2021-21874 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. | 9.1 |
| 2021-12-22 | CVE-2021-21875 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. | 9.1 |
| 2021-12-22 | CVE-2021-21876 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. | 9.1 |
| 2021-12-22 | CVE-2021-21877 | OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. | 9.1 |