Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-1441 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. | 6.7 |
| 2021-03-24 | CVE-2021-1384 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. | 7.2 |
| 2021-03-24 | CVE-2021-1382 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root privileges on the underlying operating system. | 6.7 |
| 2021-03-23 | CVE-2021-21345 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.9 |
| 2021-03-21 | CVE-2021-23360 | OS Command Injection vulnerability in Killport Project Killport 1.0.0/1.0.1 This affects the package killport before 1.0.2. | 8.8 |
| 2021-03-21 | CVE-2021-28961 | OS Command Injection vulnerability in Openwrt 19.07.0 applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests. | 8.8 |
| 2021-03-18 | CVE-2021-23359 | OS Command Injection vulnerability in Port-Killer Project Port-Killer This affects all versions of package port-killer. | 8.8 |
| 2021-03-15 | CVE-2021-23356 | OS Command Injection vulnerability in Kill-Process-By-Name Project Kill-Process-By-Name This affects all versions of package kill-process-by-name. | 9.8 |
| 2021-03-15 | CVE-2021-23355 | OS Command Injection vulnerability in Ps-Kill Project Ps-Kill This affects all versions of package ps-kill. | 9.8 |
| 2021-03-13 | CVE-2021-20017 | OS Command Injection vulnerability in Sonicwall Sma100 Firmware 10.2.0.0/10.2.0.220Sv/10.2.0.5 A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. | 8.8 |