Weaknesses of type CWE-77
2,524 resultsCVE-2022-26415HIGHOn F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior EPSS 0.7%CVE-2023-50274HIGHHPE OneView may allow command injection with local privilege escalation.EPSS 0.7%CVE-2024-35401MEDIUMTOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFEPSS 0.7%CVE-2025-37138MEDIUMAuthenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)EPSS 0.7%CVE-2025-48978HIGHAn Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with acEPSS 0.7%CVE-2025-25792MEDIUMSeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php.EPSS 0.7%CVE-2026-38142MEDIUMAn unauthenticated command injection vulnerability in the /goform/fast_setting_internet_set endpoint of Tenda AC18 v15.03.05.05 allows attacEPSS 0.7%CVE-2023-47356HIGHMingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameterEPSS 0.7%CVE-2018-0324—A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attaEPSS 0.7%CVE-2026-6219MEDIUMaandrew-me ytDownloader Compressor Feature compressor.js child_process.exec command injectionEPSS 0.7%CVE-2023-4401HIGH
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. AEPSS 0.7%CVE-2024-41134HIGHAuthenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Command Line InterfaceEPSS 0.7%CVE-2024-7575HIGHImproper neutralization special element in hyperlinksEPSS 0.7%CVE-2017-12341—A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attackEPSS 0.7%CVE-2026-24132HIGHOrval Mock Generation Code Injection via constEPSS 0.7%CVE-2026-13501MEDIUMantlr ANTLR4 gofmt GoTarget.java GoTarget command injectionEPSS 0.7%CVE-2024-57214MEDIUMTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifEPSS 0.7%CVE-2024-57213MEDIUMTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_EPSS 0.7%CVE-2023-26294HIGHPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.EPSS 0.7%CVE-2024-43497HIGHDeepSpeed Remote Code Execution VulnerabilityEPSS 0.7%