Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-23 | CVE-2021-23412 | OS Command Injection vulnerability in Gitlogplus Project Gitlogplus All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization. | 9.8 |
| 2021-07-22 | CVE-2020-7389 | OS Command Injection vulnerability in Sage Syracuse Sage X3 System CHAINE Variable Script Command Injection. | 7.2 |
| 2021-07-22 | CVE-2021-31580 | OS Command Injection vulnerability in Akkadianlabs OVA Appliance and Provisioning Manager The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. | 9.8 |
| 2021-07-22 | CVE-2021-3198 | OS Command Injection vulnerability in Ivanti Mobileiron 10.7.0.19/11.0.0.0 By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. | 7.2 |
| 2021-07-22 | CVE-2021-33032 | OS Command Injection vulnerability in Eq-3 Homematic Ccu2 Firmware A Remote Code Execution (RCE) vulnerability in the WebUI component of the eQ-3 HomeMatic CCU2 firmware up to and including version 2.57.5 and CCU3 firmware up to and including version 3.57.5 allows remote unauthenticated attackers to execute system commands as root via a simple HTTP request. | 10.0 |
| 2021-07-22 | CVE-2021-1618 | OS Command Injection vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 7.2 |
| 2021-07-22 | CVE-2021-29143 | OS Command Injection vulnerability in Arubanetworks Aos-Cx Firmware A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. | 7.2 |
| 2021-07-21 | CVE-2020-21935 | OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2 A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. | 9.8 |
| 2021-07-21 | CVE-2020-21937 | OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2 An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. | 9.8 |
| 2021-07-20 | CVE-2021-32751 | OS Command Injection vulnerability in Gradle Gradle is a build tool with a focus on build automation. | 7.5 |