Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-10 | CVE-2022-27273 | OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168. | 9.8 |
| 2022-04-10 | CVE-2022-27274 | OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12028. | 9.8 |
| 2022-04-10 | CVE-2022-27275 | OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. | 9.8 |
| 2022-04-10 | CVE-2022-27276 | OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C. | 9.8 |
| 2022-04-08 | CVE-2021-36287 | OS Command Injection vulnerability in Dell EMC Unity Operating Environment Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system. | 9.8 |
| 2022-04-07 | CVE-2022-26670 | OS Command Injection vulnerability in Dlink Dir-878 Firmware D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. | 8.8 |
| 2022-04-07 | CVE-2022-23900 | OS Command Injection vulnerability in Wavlink Wl-Wn531P3 Firmware M31G3.V5030.201204 A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi. | 9.8 |
| 2022-04-07 | CVE-2020-27373 | OS Command Injection vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1 Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE. | 8.8 |
| 2022-04-06 | CVE-2021-22127 | OS Command Injection vulnerability in Fortinet Forticlient An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious name. | 8.0 |
| 2022-04-06 | CVE-2021-26104 | OS Command Injection vulnerability in Fortinet Fortianalyzer, Fortimanager and Fortiportal Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters. | 7.8 |