Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2020-21992 | OS Command Injection vulnerability in Inim products Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. | 8.8 |
| 2021-04-29 | CVE-2021-29147 | OS Command Injection vulnerability in Arubanetworks Clearpass A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 8.8 |
| 2021-04-29 | CVE-2021-25167 | OS Command Injection vulnerability in Arubanetworks Airwave A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 8.8 |
| 2021-04-29 | CVE-2021-25166 | OS Command Injection vulnerability in Arubanetworks Airwave A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 8.8 |
| 2021-04-27 | CVE-2020-22000 | OS Command Injection vulnerability in Homeautomation Project Homeautomation 3.3.2 HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. | 8.0 |
| 2021-04-27 | CVE-2021-30642 | OS Command Injection vulnerability in Symantec Security Analytics An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges. | 9.8 |
| 2021-04-26 | CVE-2021-20711 | OS Command Injection vulnerability in NEC Aterm Wg2600Hs Firmware 1.3.2/1.5.1 Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2021-04-26 | CVE-2021-20708 | OS Command Injection vulnerability in NEC products NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL. | 7.2 |
| 2021-04-26 | CVE-2021-20696 | OS Command Injection vulnerability in Dlink Dap-1880Ac Firmware 1.21 DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program. | 8.8 |
| 2021-04-23 | CVE-2021-31607 | OS Command Injection vulnerability in multiple products In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. | 7.8 |