Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-28 | CVE-2020-5626 | OS Command Injection vulnerability in Infoscience ELC Analytics and Logstorage Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file. | 8.8 |
| 2021-01-26 | CVE-2021-3317 | OS Command Injection vulnerability in Klogserver Klog Server 2.4.1 KLog Server through 2.4.1 allows authenticated command injection. | 8.8 |
| 2021-01-26 | CVE-2013-2512 | OS Command Injection vulnerability in Ftpd Project Ftpd 0.2.1 The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. | 9.8 |
| 2021-01-26 | CVE-2021-3291 | OS Command Injection vulnerability in Zen-Cart ZEN Cart 1.5.7B Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. | 7.2 |
| 2021-01-26 | CVE-2021-3190 | OS Command Injection vulnerability in Async-Git Project Async-Git The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. | 9.8 |
| 2021-01-26 | CVE-2020-36199 | OS Command Injection vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | 9.8 |
| 2021-01-26 | CVE-2020-35576 | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | 8.8 |
| 2021-01-26 | CVE-2020-27542 | OS Command Injection vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. | 6.8 |
| 2021-01-26 | CVE-2020-27298 | OS Command Injection vulnerability in Philips products Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). | 6.5 |
| 2021-01-26 | CVE-2020-23826 | OS Command Injection vulnerability in Assaabloy Yale Wipc-303W Firmware 2.21/2.31 The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. | 8.8 |