Weaknesses of type CWE-77
2,516 resultsCVE-2025-5446MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkCredentialsByBBS os command injectionEPSS 21.5%CVE-2024-9793MEDIUMTenda AC1206 ate ate_ifconfig_set command injectionEPSS 21.5%CVE-2025-5443MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden os command injectionEPSS 21.3%CVE-2025-5445MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkFWByBBS os command injectionEPSS 21.3%CVE-2025-5444MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_UpgradeFWByBBS os command injectionEPSS 21.3%CVE-2026-22755CRITICALLegacy Vivotek Camera Firmware Command Injection in upload_map.cgiEPSS 21.2%CVE-2023-0830MEDIUMEasyNAS backup.pl system os command injectionEPSS 20.9%CVE-2025-27423HIGHImproper Input Validation in VimEPSS 20.8%CVE-2024-6269MEDIUMRuijie RG-UAC HTTP POST Request sxh_vpnlic.php get_ip.addr_details command injectionEPSS 20.6%CVE-2024-39226MEDIUMGL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16,EPSS 20.6%CVE-2023-44959HIGHAn issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP AdEPSS 20.5%CVE-2023-45498CRITICALVinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain a command injection vulnerability.EPSS 20.5%CVE-2024-22651CRITICALThere is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04.EPSS 20.2%CVE-2025-15472HIGHTRENDnet TEW-811DRU httpd uapply.cgi setDeviceURL os command injectionEPSS 20.1%CVE-2022-31161CRITICALRoxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert UploadEPSS 20.1%CVE-2025-10775MEDIUMWavlink WL-NU516U1 login.cgi sub_4012A0 os command injectionEPSS 20.0%CVE-2025-5306HIGHCommand Injection in Netflow pathEPSS 19.9%CVE-2024-7464MEDIUMTOTOLINK CP900 Telnet Service setTelnetCfg command injectionEPSS 19.9%CVE-2024-33344CRITICALD-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to eEPSS 19.9%CVE-2024-9076MEDIUMDedeCMS article_string_mix.php os command injectionEPSS 19.8%