Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-37028 OS Command Injection vulnerability in Huawei HG8045Q Firmware V300R016C00Spc110/V300R018C10
There is a command injection vulnerability in the HG8045Q product.
local
low complexity
huawei CWE-78
6.7
2021-08-13 CVE-2021-37344 OS Command Injection vulnerability in Nagios XI Switch Wizard
Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).
network
low complexity
nagios CWE-78
critical
9.8
2021-08-13 CVE-2021-37346 OS Command Injection vulnerability in Nagios XI WatchGuard Wizard
Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).
network
low complexity
nagios CWE-78
critical
9.8
2021-08-12 CVE-2021-31698 OS Command Injection vulnerability in Quectel EG25-G Firmware
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon.
network
low complexity
quectel CWE-78
critical
9.8
2021-08-11 CVE-2021-3050 OS Command Injection vulnerability in Palo Alto Networks PAN-OS
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges.
network
low complexity
paloaltonetworks CWE-78
8.8
2021-08-10 CVE-2021-33721 OS Command Injection vulnerability in Siemens SINEC Network Management System 1.0
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2).
network
low complexity
siemens CWE-78
7.2
2021-08-09 CVE-2020-23151 OS Command Injection vulnerability in rConfig 3.9.5
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped.
network
low complexity
rconfig CWE-78
critical
9.8
2021-08-09 CVE-2021-21585 OS Command Injection vulnerability in Dell OpenManage Enterprise 3.5
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools.
network
low complexity
dell CWE-78
7.2
2021-08-06 CVE-2021-36705 OS Command Injection vulnerability in ProLink PRC2402M Firmware
In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069, contains a trivial command injection where the value of the TR069_local_port parameter is passed directly to system.
network
low complexity
prolink CWE-78
critical
9.8
2021-08-06 CVE-2021-36706 OS Command Injection vulnerability in ProLink PRC2402M Firmware
In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD, contains a trivial command injection where the value of the command parameter is passed directly to system.
network
low complexity
prolink CWE-78
critical
9.8