Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2021-1147 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2021-01-13 | CVE-2021-1146 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2021-01-13 | CVE-2020-35578 | OS Command Injection vulnerability in Nagios XI An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. | 7.2 |
| 2021-01-13 | CVE-2020-5685 | OS Command Injection vulnerability in NEC Univerge Sv8500 Firmware and Univerge Sv9500 Firmware UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL. | 9.8 |
| 2021-01-12 | CVE-2020-35459 | OS Command Injection vulnerability in multiple products An issue was discovered in ClusterLabs crmsh through 4.2.1. | 7.8 |
| 2021-01-12 | CVE-2020-35458 | OS Command Injection vulnerability in Clusterlabs Hawk 2.2.012/2.3.012 An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. | 9.8 |
| 2021-01-09 | CVE-2020-5146 | OS Command Injection vulnerability in Sonicwall SMA 100 Firmware A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. | 7.2 |
| 2021-01-07 | CVE-2021-3029 | OS Command Injection vulnerability in Evolucare ECS Imaging 6.21.5 EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. | 9.8 |
| 2021-01-07 | CVE-2020-26085 | OS Command Injection vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
| 2021-01-06 | CVE-2020-36178 | OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6Eu0.9.14.16 oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). | 9.8 |