Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-12 | CVE-2021-26752 | OS Command Injection vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. | 8.8 |
| 2021-02-12 | CVE-2021-20648 | OS Command Injection vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-12 | CVE-2021-20639 | OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-12 | CVE-2021-20638 | OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-11 | CVE-2021-21976 | OS Command Injection vulnerability in VMWare Vsphere Replication vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution. | 7.2 |
| 2021-02-09 | CVE-2020-26193 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. | 7.8 |
| 2021-02-08 | CVE-2021-22502 | OS Command Injection vulnerability in Microfocus Operation Bridge Reporter 10.40 Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. | 9.8 |
| 2021-02-08 | CVE-2021-26541 | OS Command Injection vulnerability in Gitlog Project Gitlog The gitlog function in src/index.ts in gitlog before 4.0.4 has a command injection vulnerability. | 9.8 |
| 2021-02-08 | CVE-2020-11920 | OS Command Injection vulnerability in Svakom Siime EYE Firmware 14.1.00000001.3.330.0.0.3.14 An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. | 9.8 |
| 2021-02-07 | CVE-2021-3122 | OS Command Injection vulnerability in NCR Command Center Agent 16.3 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. | 9.8 |