Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-05-06 | CVE-2021-28151 | OS Command Injection vulnerability in Hongdian H8922 Firmware 3.0.5 | Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest. | network | low complexity | hongdian | CWE-78 | 8.8 |
| 2021-05-06 | CVE-2021-1401 | OS Command Injection vulnerability in Cisco products | Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | network | low complexity | cisco | CWE-78 | 7.2 |
| 2021-05-06 | CVE-2021-1497 | OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform | Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. | network | low complexity | cisco | CWE-78 | critical 9.8 |
| 2021-05-06 | CVE-2021-1514 | OS Command Injection vulnerability in Cisco products | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. | local | low complexity | cisco | CWE-78 | 7.8 |
| 2021-05-06 | CVE-2021-21527 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 9.0.0.0/9.1.0.0 | Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | local | low complexity | dell | CWE-78 | 6.7 |
| 2021-05-06 | CVE-2021-21550 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | local | low complexity | dell | CWE-78 | 6.7 |
| 2021-05-06 | CVE-2021-26543 | OS Command Injection vulnerability in Wayfair Git-Parse 1.0.2/1.0.3/1.0.4 | The "gitDiff" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. | network | low complexity | wayfair | CWE-78 | 8.8 |
| 2021-05-04 | CVE-2020-21999 | OS Command Injection vulnerability in IWT Facesentry Access Control System Firmware 5.7.0/5.7.2/6.4.8 | iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. | network | low complexity | iwt | CWE-78 | 8.8 |
| 2021-05-03 | CVE-2021-29369 | OS Command Injection vulnerability in Gnuplot Project Gnuplot 0.0.1/0.0.2 | The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. | network | low complexity | gnuplot-project | CWE-78 | critical 9.8 |
| 2021-04-30 | CVE-2021-21530 | OS Command Injection vulnerability in Dell Openmanage Enterprise-Modular | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. | network | low complexity | dell | CWE-78 | 8.8 |