Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-12 | CVE-2021-3934 | OS Command Injection vulnerability in Planetargon OH MY ZSH ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command | 7.5 |
| 2021-11-10 | CVE-2021-3058 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. | 7.2 |
| 2021-11-10 | CVE-2021-3059 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. | 8.1 |
| 2021-11-10 | CVE-2021-3060 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. | 8.1 |
| 2021-11-10 | CVE-2021-3061 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. | 7.2 |
| 2021-11-10 | CVE-2021-39474 | OS Command Injection vulnerability in Ubeeinteractive Ubc1319 Firmware 1319010201R009 Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. | 7.2 |
| 2021-11-10 | CVE-2021-37158 | OS Command Injection vulnerability in Opengamepanel 20210814 An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. | 8.8 |
| 2021-11-08 | CVE-2021-42372 | OS Command Injection vulnerability in Xorux Lpar2Rrd and Stor2Rrd A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service. | 8.8 |
| 2021-11-04 | CVE-2021-40113 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory. | 9.8 |
| 2021-11-04 | CVE-2021-40120 | OS Command Injection vulnerability in Cisco Application Extension Platform and IOS XR A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. | 7.2 |