Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-08 | CVE-2020-11920 | OS Command Injection vulnerability in Svakom Siime EYE Firmware 14.1.00000001.3.330.0.0.3.14 An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. | 9.8 |
2021-02-07 | CVE-2021-3122 | OS Command Injection vulnerability in NCR Command Center Agent 16.3 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. | 9.8 |
2021-02-07 | CVE-2020-36243 | OS Command Injection vulnerability in Open-Emr Openemr 5.0.2.1 The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. | 8.8 |
2021-02-04 | CVE-2021-1318 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
2021-02-04 | CVE-2021-1317 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
2021-02-04 | CVE-2021-1316 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
2021-02-04 | CVE-2021-1315 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
2021-02-04 | CVE-2021-1314 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
2021-02-03 | CVE-2020-2507 | OS Command Injection vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of QTS. | 9.8 |
2021-02-02 | CVE-2021-21289 | OS Command Injection vulnerability in multiple products Mechanize is an open-source ruby library that makes automated web interaction easy. | 8.3 |