CVE-2021-3198

Same vendor

• CVE-2026-10520 — An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated u... (10.0 CRITICAL)
• CVE-2026-6973 — An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with ad... (7.2 HIGH)
• CVE-2024-7593 — Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticate... (9.8 CRITICAL)
• CVE-2021-3540 — By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti Mobile... (6.5 MEDIUM)

Same CWE

• CVE-2026-22313 — The device has a webserver that exposes a REST API authenticated with a token on the management network (9.1 CRITICAL)
• CVE-2026-44932 — Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a ... (8.8 HIGH)
• CVE-2026-12398 — A command injection vulnerability was found in galaxy_ng (7.5 HIGH)
• CVE-2026-5416 — Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command in... (8.8 HIGH)
• CVE-2026-12161 — Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user ... (8.8 HIGH)