Weaknesses of type CWE-77
2,524 resultsCVE-2025-57633CRITICALA command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commanEPSS 1.5%CVE-2025-54100HIGHPowerShell Remote Code Execution VulnerabilityEPSS 1.5%CVE-2026-5690MEDIUMTotolink A7100RU cstecgi.cgi setRemoteCfg os command injectionEPSS 1.5%CVE-2026-5689MEDIUMTotolink A7100RU cstecgi.cgi setNtpCfg os command injectionEPSS 1.5%CVE-2026-6576MEDIUMliangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injectionEPSS 1.5%CVE-2023-33530HIGHThere is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web EPSS 1.5%CVE-2023-33235HIGHMXsecurity Command Injection VulnerabilityEPSS 1.5%CVE-2026-5528MEDIUMMoussaabBadla code-screenshot-mcp HTTP os command injectionEPSS 1.5%CVE-2024-44382HIGHD-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgrade_filter_asp function.EPSS 1.5%CVE-2025-14276MEDIUMIlevia EVE X1 Server leaf_search.php command injectionEPSS 1.5%CVE-2022-27806HIGHOn all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided ConfigurEPSS 1.5%CVE-2025-1229MEDIUMolajowon Loggrove page os command injectionEPSS 1.5%CVE-2026-5532MEDIUMScrapeGraphAI scrapegraph-ai GenerateCodeNode generate_code_node.py create_sandbox_and_execute os command injectionEPSS 1.4%CVE-2021-41146HIGHArbitrary command execution on Windows in qutebrowserEPSS 1.4%CVE-2025-26385CRITICALMetasys product command injection vulnerability could allow remote SQL executionEPSS 1.4%CVE-2024-57536HIGHLinksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.EPSS 1.4%CVE-2023-36103HIGHCommand Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands EPSS 1.4%CVE-2023-40146MEDIUMA privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted coEPSS 1.4%CVE-2024-21878HIGHCommand Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.xEPSS 1.4%CVE-2023-34230HIGHSnowflake Connector vulnerable to Command InjectionEPSS 1.4%