Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2021-21315 | OS Command Injection vulnerability in multiple products The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. | 7.8 |
| 2021-02-15 | CVE-2021-27201 | OS Command Injection vulnerability in Endian Firewall Community 3.3.2 Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment. | 8.8 |
| 2021-02-15 | CVE-2020-24899 | OS Command Injection vulnerability in Nagios XI 5.7.2 Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. | 8.8 |
| 2021-02-12 | CVE-2021-26752 | OS Command Injection vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. | 8.8 |
| 2021-02-12 | CVE-2021-20648 | OS Command Injection vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-12 | CVE-2021-20639 | OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-12 | CVE-2021-20638 | OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. | 6.8 |
| 2021-02-11 | CVE-2021-21976 | OS Command Injection vulnerability in VMWare Vsphere Replication vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution. | 7.2 |
| 2021-02-09 | CVE-2020-26193 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. | 7.8 |
| 2021-02-08 | CVE-2021-22502 | OS Command Injection vulnerability in Microfocus Operation Bridge Reporter 10.40 Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. | 9.8 |