Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1401 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 7.2 |
| 2021-05-06 | CVE-2021-1497 | OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. | 9.8 |
| 2021-05-06 | CVE-2021-1514 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. | 7.8 |
| 2021-05-06 | CVE-2021-21527 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 9.0.0.0/9.1.0.0 Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | 6.7 |
| 2021-05-06 | CVE-2021-21550 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. | 6.7 |
| 2021-05-06 | CVE-2021-26543 | OS Command Injection vulnerability in Wayfair Git-Parse 1.0.2/1.0.3/1.0.4 The "gitDiff" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. | 8.8 |
| 2021-05-04 | CVE-2020-21999 | OS Command Injection vulnerability in IWT Facesentry Access Control System Firmware 5.7.0/5.7.2/6.4.8 iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. | 8.8 |
| 2021-05-03 | CVE-2021-29369 | OS Command Injection vulnerability in Gnuplot Project Gnuplot 0.0.1/0.0.2 The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. | 9.8 |
| 2021-04-30 | CVE-2021-21530 | OS Command Injection vulnerability in Dell Openmanage Enterprise-Modular Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. | 8.8 |
| 2021-04-29 | CVE-2021-1488 | OS Command Injection vulnerability in Cisco products A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). | 6.7 |