Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-06 | CVE-2021-26116 | OS Command Injection vulnerability in Fortinet Fortiauthenticator An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 8.8 |
| 2022-04-06 | CVE-2021-24009 | OS Command Injection vulnerability in Fortinet Fortiwan Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests. | 8.8 |
| 2022-04-05 | CVE-2021-42324 | OS Command Injection vulnerability in Dcnglobal S4600-10P-Si Firmware An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. | 7.4 |
| 2022-04-01 | CVE-2021-32933 | OS Command Injection vulnerability in Auvesy-Mdt Autosave and Autosave for System Platform An attacker could leverage an API to pass along a malicious file that could then manipulate the process creation command line in MDT AutoSave versions prior to v6.02.06 and run a command line argument. | 9.8 |
| 2022-04-01 | CVE-2021-32974 | OS Command Injection vulnerability in Moxa products Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands. | 9.8 |
| 2022-04-01 | CVE-2022-25017 | OS Command Injection vulnerability in Hitrontech Chita Firmware 7.2.2.0.3B6Cd Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS ddnsUsername field. | 8.8 |
| 2022-03-31 | CVE-2022-22986 | OS Command Injection vulnerability in Ntt-East products Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file. | 8.8 |
| 2022-03-30 | CVE-2021-46007 | OS Command Injection vulnerability in Totolink Ar3100R Firmware 5.9C.4577 totolink a3100r V5.9c.4577 is vulnerable to os command injection. | 9.8 |
| 2022-03-28 | CVE-2022-26258 | OS Command Injection vulnerability in Dlink Dir-820L Firmware 1.05 D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | 9.8 |
| 2022-03-26 | CVE-2022-27945 | OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158 NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi. | 8.8 |