Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2020-36199 | OS Command Injection vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | 9.8 |
| 2021-01-26 | CVE-2020-35576 | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | 8.8 |
| 2021-01-26 | CVE-2020-27542 | OS Command Injection vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. | 6.8 |
| 2021-01-26 | CVE-2020-27298 | OS Command Injection vulnerability in Philips products Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). | 6.5 |
| 2021-01-26 | CVE-2020-23826 | OS Command Injection vulnerability in Assaabloy Yale Wipc-303W Firmware 2.21/2.31 The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. | 8.8 |
| 2021-01-22 | CVE-2020-12513 | OS Command Injection vulnerability in Pepperl-Fuchs products Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. | 8.8 |
| 2021-01-20 | CVE-2021-1142 | OS Command Injection vulnerability in Cisco Smart Software Manager Satellite 5.1.0 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 9.8 |
| 2021-01-20 | CVE-2021-1141 | OS Command Injection vulnerability in Cisco Smart Software Manager Satellite 5.1.0 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 8.8 |
| 2021-01-20 | CVE-2021-1140 | OS Command Injection vulnerability in Cisco Smart Software Manager Satellite 5.1.0 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 9.8 |
| 2021-01-20 | CVE-2021-1139 | OS Command Injection vulnerability in Cisco Smart Software Manager Satellite 5.1.0 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 8.8 |