Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-1488 | OS Command Injection vulnerability in Cisco products A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). | 6.7 |
| 2021-04-29 | CVE-2021-1448 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. | 7.8 |
| 2021-04-29 | CVE-2021-21388 | OS Command Injection vulnerability in Systeminformation systeminformation is an open source system and OS information library for node.js. | 9.8 |
| 2021-04-29 | CVE-2021-30233 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptv_vlan parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30228 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iandlink_proc_enable parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30234 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the MLD_PROXY_WAN_CONNECT parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30232 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the IGMP_PROXY_WAN_CONNECT parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30231 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30230 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter. | 9.8 |
| 2021-04-29 | CVE-2021-30229 | OS Command Injection vulnerability in Chinamobile AN Lianbao Wf-1 Firmware 1.0.1 The api/zrDm/set_zrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dm_enable, AppKey, or Pwd parameter. | 8.8 |