CWE-77
High likelihood
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,570 vulnerabilities with CWE-77
CVE-2021-1553
MEDIUM
Cisco Small Business WAP125, WAP131, WAP150, WAP351, WAP361, WAP581 Firmware - Authenticated Command Injection
CVSS 4.7
CVE-2021-1552
MEDIUM
Cisco Small Business Wireless Access Points < 1.0.3.1 - Authenticated Command Injection via Web Interface
CVSS 4.7
CVE-2021-1551
MEDIUM
Cisco Small Business Wireless Access Points < 1.0.3.1 - Authenticated Command Injection via Web Interface
CVSS 4.7
CVE-2021-1550
MEDIUM
Cisco Small Business 100/300/500 Series WAP Authenticated Command Injection
CVSS 4.7
CVE-2021-1549
MEDIUM
Cisco Small Business WAP125, WAP131, WAP150, WAP351, WAP361, WAP581 Firmware - Authenticated Command Injection
CVSS 4.7
CVE-2021-1548
MEDIUM
Cisco Small Business WAP125, WAP131, WAP150, WAP351, WAP361, WAP581 Firmware - Authenticated Command Injection
CVSS 4.7
CVE-2021-1547
MEDIUM
Cisco Small Business WAP125, WAP131, WAP150, WAP351, WAP361, WAP581 Firmware - Authenticated Command Injection
CVSS 4.7
CVE-2021-26311
HIGH
AMD EPYC - Arbitrary Code Execution via SEV/SEV-ES Memory Rearrangement
CVSS 7.2
CVE-2021-29501
HIGH
dav-cogs < 1.0.1 - Information Exposure in Ticketer Cog
CVSS 8.1
CVE-2021-1498
CRITICAL
KEV
Cisco HyperFlex HX Data Platform < 4.0(2e) - Unauthenticated OS Command Injection
CVSS 9.8
CVE-2021-1488
MEDIUM
Cisco ASA/Firepower Threat Defense OS Command Injection via Upgrade Package
CVSS 6.7
CVE-2021-25812
CRITICAL
China Mobile An Lianbao WF-1 Firmware 1.01 - OS Command Injection via 'ip' Parameter
CVSS 9.8
CVE-2021-31726
CRITICAL
Akuvox C315 115.116.2613 - Remote Command Injection via cfgd_server Service
CVSS 9.8
CVE-2021-0253
HIGH
Juniper Networks Junos OS - Privilege Escalation
CVSS 7.8
CVE-2021-0252
HIGH
Juniper Networks Junos OS - Privilege Escalation
CVSS 7.8
CVE-2021-20527
HIGH
IBM Resilient SOAR V38.0 - Privilege Escalation
CVSS 7.2
CVE-2021-20991
CRITICAL
Fibaro Home Center <4.540 - Command Injection
CVSS 9.8
CVE-2021-29154
HIGH
Linux Kernel < 5.11.12 - Remote Code Execution via BPF JIT Branch Displacement
CVSS 7.8
CVE-2021-1443
MEDIUM
Cisco IOS XE - Authenticated Remote Code Execution via Configuration File Tampering
CVSS 5.5
CVE-2021-1384
MEDIUM
Cisco IOS XE - Authenticated OS Command Injection via Crafted IOx Application Package
CVSS 6.5
CVE-2021-1382
MEDIUM
Cisco IOS XE < 17.3.3 - Authenticated OS Command Injection via CLI
CVSS 6.0
CVE-2021-22864
HIGH
GitHub Enterprise Server 2.21.0-2.21.16 - Authenticated Remote Code Execution via GitHub Pages Configuration
CVSS 8.8
CVE-2021-29079
CRITICAL
NETGEAR RBK852/RBK853/RBK854/RBR850/RBS850 < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-29078
CRITICAL
NETGEAR RBK/RBR/RBS 750/850 Series < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-29077
CRITICAL
NETGEAR RBW30/RBS40V/RBK852/RBK853/RBK854/RBR850/RBS850/RBK752/RBK753/RBK753S/RBK754/RBR750/RBS750 - Command Injection
CVSS 9.6
Details
Vulnerabilities: 3,570
Exploit Likelihood: High