Weaknesses of type CWE-77
2,523 resultsCVE-2026-12197HIGHRuijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injectionEPSS 2.4%CVE-2024-33789CRITICALLinksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint.EPSS 2.4%CVE-2017-12078HIGHCommand injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execuEPSS 2.4%CVE-2025-1370MEDIUMMicroWorld eScan Antivirus Autoscan USB epsdaemon sprintf os command injectionEPSS 2.4%CVE-2024-1355CRITICALCommand injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement ConsoleEPSS 2.4%CVE-2026-0641MEDIUMTOTOLINK WA300 cstecgi.cgi sub_401510 command injectionEPSS 2.4%CVE-2021-37708HIGHCommand injection in mail agent settingsEPSS 2.4%CVE-2026-1150MEDIUMTotolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injectionEPSS 2.4%CVE-2026-39866HIGHLawnchair vulnerable to Command Injection via unquoted workflow dispatch input in release_update.ymlEPSS 2.3%CVE-2023-6848HIGHkalcaddle kodbox index.class.php check command injectionEPSS 2.3%CVE-2025-15081MEDIUMJD Cloud BE6500 jdcapi sub_4780 command injectionEPSS 2.3%CVE-2022-45600HIGHAztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authenticEPSS 2.3%CVE-2021-38542—Apache James vulnerable to STARTTLS command injection (IMAP and POP3)EPSS 2.3%CVE-2020-27867MEDIUMThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R62EPSS 2.3%CVE-2025-5030LOWAckites KillWxapkg wxapkg File Parser unpack.go processFile os command injectionEPSS 2.3%CVE-2026-7833HIGHEFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injectionEPSS 2.3%CVE-2024-21880HIGHURL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.xEPSS 2.3%CVE-2023-43206HIGHD-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler. ThiEPSS 2.3%CVE-2026-5972MEDIUMFoundationAgents MetaGPT terminal.py Terminal.run_command os command injectionEPSS 2.3%CVE-2025-57198HIGHAVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability iEPSS 2.3%