Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2021-26680 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2021-02-23 | CVE-2021-26679 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2021-02-23 | CVE-2021-26684 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2021-02-23 | CVE-2021-26683 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2021-02-23 | CVE-2021-26681 | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2021-02-23 | CVE-2020-28429 | OS Command Injection vulnerability in Geojson2Kml Project Geojson2Kml All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. | 9.8 |
| 2021-02-22 | CVE-2021-26724 | OS Command Injection vulnerability in Nozominetworks Central Management Control and Guardian OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. | 7.2 |
| 2021-02-22 | CVE-2021-3149 | OS Command Injection vulnerability in Netshieldcorp Nano 25 Firmware 10.2.18 On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used unsafely. | 7.2 |
| 2021-02-19 | CVE-2020-36246 | OS Command Injection vulnerability in Amaze File Manager Project Amaze File Manager Amaze File Manager before 3.5.1 allows attackers to obtain root privileges via shell metacharacters in a symbolic link. | 7.8 |
| 2021-02-19 | CVE-2019-25024 | OS Command Injection vulnerability in Alleghenycreative Openrepeater OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. | 9.8 |