Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-20655 | OS Command Injection vulnerability in Soliton Filezen FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2021-02-16 | CVE-2021-27104 | OS Command Injection vulnerability in Accellion FTA 912220/912370 Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. | 9.8 |
| 2021-02-16 | CVE-2021-27102 | OS Command Injection vulnerability in Accellion FTA Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. | 7.8 |
| 2021-02-16 | CVE-2021-20074 | OS Command Injection vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands. | 8.8 |
| 2021-02-16 | CVE-2021-21315 | OS Command Injection vulnerability in multiple products The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. | 7.8 |
| 2021-02-15 | CVE-2021-27201 | OS Command Injection vulnerability in Endian Firewall Community 3.3.2 Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment. | 8.8 |
| 2021-02-15 | CVE-2020-24899 | OS Command Injection vulnerability in Nagios XI 5.7.2 Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. | 8.8 |
| 2021-02-12 | CVE-2021-26752 | OS Command Injection vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. | 8.8 |
| 2021-02-12 | CVE-2021-20648 | OS Command Injection vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-12 | CVE-2021-20639 | OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |