Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-23 | CVE-2018-21104 | OS Command Injection vulnerability in Netgear R7800 Firmware NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | 6.8 |
| 2020-04-23 | CVE-2018-21103 | OS Command Injection vulnerability in Netgear R7800 Firmware NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | 6.8 |
| 2020-04-23 | CVE-2018-21101 | OS Command Injection vulnerability in Netgear R7800 Firmware NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | 8.0 |
| 2020-04-23 | CVE-2020-8797 | OS Command Injection vulnerability in Juplink Rx4-1500 Firmware 1.0.3 Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network. | 6.7 |
| 2020-04-22 | CVE-2020-7350 | OS Command Injection vulnerability in Rapid7 Metasploit Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. | 7.8 |
| 2020-04-22 | CVE-2018-21130 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-22 | CVE-2018-21127 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-22 | CVE-2018-21126 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-21 | CVE-2020-11963 | OS Command Injection vulnerability in Evenroute Iqrouter Firmware 3.3.1 IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. | 9.8 |
| 2020-04-15 | CVE-2020-5350 | OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. | 7.2 |