Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2020-25506 | OS Command Injection vulnerability in Dlink Dns-320 Firmware 2.06B01 D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. | 9.8 |
| 2021-02-02 | CVE-2020-25036 | OS Command Injection vulnerability in Ucopia Wireless Appliance 6.0.5 UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command. | 8.8 |
| 2021-01-28 | CVE-2020-5626 | OS Command Injection vulnerability in Infoscience ELC Analytics and Logstorage Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file. | 8.8 |
| 2021-01-26 | CVE-2021-3317 | OS Command Injection vulnerability in Klogserver Klog Server 2.4.1 KLog Server through 2.4.1 allows authenticated command injection. | 8.8 |
| 2021-01-26 | CVE-2013-2512 | OS Command Injection vulnerability in Ftpd Project Ftpd 0.2.1 The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. | 9.8 |
| 2021-01-26 | CVE-2021-3291 | OS Command Injection vulnerability in Zen-Cart ZEN Cart 1.5.7B Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. | 7.2 |
| 2021-01-26 | CVE-2021-3190 | OS Command Injection vulnerability in Async-Git Project Async-Git The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. | 9.8 |
| 2021-01-26 | CVE-2020-36199 | OS Command Injection vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | 9.8 |
| 2021-01-26 | CVE-2020-35576 | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | 8.8 |
| 2021-01-26 | CVE-2020-27542 | OS Command Injection vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. | 6.8 |