Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-16 | CVE-2021-3708 | OS Command Injection vulnerability in Dlink Dsl-2750U Firmware 1.11 D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. | 7.8 |
2021-08-13 | CVE-2021-36380 | OS Command Injection vulnerability in Sunhillo Sureline Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi. | 9.8 |
2021-08-13 | CVE-2021-37028 | OS Command Injection vulnerability in Huawei Hg8045Q Firmware V300R016C00Spc110/V300R018C10 There is a command injection vulnerability in the HG8045Q product. | 6.7 |
2021-08-13 | CVE-2021-37344 | OS Command Injection vulnerability in Nagios XI Switch Wizard Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection). | 9.8 |
2021-08-13 | CVE-2021-37346 | OS Command Injection vulnerability in Nagios XI Watchguard Wizard Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command (OS Command injection). | 9.8 |
2021-08-12 | CVE-2021-31698 | OS Command Injection vulnerability in Quectel Eg25-G Firmware Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon. | 9.8 |
2021-08-11 | CVE-2021-3050 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. | 8.8 |
2021-08-10 | CVE-2021-33721 | OS Command Injection vulnerability in Siemens Sinec Network Management System 1.0 A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). | 7.2 |
2021-08-09 | CVE-2020-23151 | OS Command Injection vulnerability in Rconfig 3.9.5 rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped. | 9.8 |
2021-08-09 | CVE-2021-21585 | OS Command Injection vulnerability in Dell Openmanage Enterprise 3.5 Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. | 7.2 |