Weaknesses of type CWE-77
2,525 resultsCVE-2026-31162MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the ttlWay EPSS 0.3%CVE-2026-31165MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeSeEPSS 0.3%CVE-2026-31168MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the recHourEPSS 0.3%CVE-2026-31172MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the user paEPSS 0.3%CVE-2026-31160MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provideEPSS 0.3%CVE-2026-31163MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the dhcpMtuEPSS 0.3%CVE-2026-31179MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunPorEPSS 0.3%CVE-2026-31169MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the week paEPSS 0.3%CVE-2026-31174MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the informEEPSS 0.3%CVE-2026-31173MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the intervaEPSS 0.3%CVE-2025-59337MEDIUMDiscourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite DeploymentsEPSS 0.3%CVE-2026-31166MEDIUMAn issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the hour paEPSS 0.3%CVE-2026-35558HIGHImproper neutralization of special elements in authentication components in Amazon Athena ODBC driverEPSS 0.3%CVE-2025-29628CRITICALA Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home EPSS 0.3%CVE-2025-50817MEDIUMA vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. WheEPSS 0.3%CVE-2025-51650MEDIUMAn arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary coEPSS 0.3%CVE-2025-68432HIGHZed IDE LSP Binary Configuration Arbitrary Code ExecutionEPSS 0.3%CVE-2026-21639MEDIUMA malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airMAX Wireless Protocol to achieve a remote EPSS 0.3%CVE-2024-47562CRITICALA vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralizeEPSS 0.3%CVE-2025-63674MEDIUMAn issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding tEPSS 0.3%