Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2021-20708 | OS Command Injection vulnerability in NEC products NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL. | 7.2 |
| 2021-04-26 | CVE-2021-20696 | OS Command Injection vulnerability in Dlink Dap-1880Ac Firmware 1.21 DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program. | 8.8 |
| 2021-04-23 | CVE-2021-31607 | OS Command Injection vulnerability in multiple products In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. | 7.8 |
| 2021-04-22 | CVE-2021-29465 | OS Command Injection vulnerability in Discord Discord-Recon 0.0.1/0.0.2/0.0.3 Discord-Recon is a bot for the Discord chat service. | 9.8 |
| 2021-04-20 | CVE-2020-35314 | OS Command Injection vulnerability in Wondercms 3.1.3 A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer. | 9.8 |
| 2021-04-20 | CVE-2021-21526 | OS Command Injection vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. | 6.7 |
| 2021-04-18 | CVE-2021-23381 | OS Command Injection vulnerability in Killing Project Killing This affects all versions of package killing. | 9.8 |
| 2021-04-18 | CVE-2021-23380 | OS Command Injection vulnerability in Roar-Pidusage Project Roar-Pidusage This affects all versions of package roar-pidusage. | 7.3 |
| 2021-04-18 | CVE-2021-23379 | OS Command Injection vulnerability in Portkiller Project Portkiller This affects all versions of package portkiller. | 9.8 |
| 2021-04-18 | CVE-2021-23378 | OS Command Injection vulnerability in Picotts Project Picotts This affects all versions of package picotts. | 9.8 |