Weaknesses of type CWE-77

2,524 results
CVE-2025-3539HIGHH3C Magic BE18000 HTTP POST Request getBasicInfo FCGI_CheckStringIfContainsSemicolon command injectionEPSS 1.3%CVE-2025-3545HIGHH3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injectionEPSS 1.3%CVE-2025-3543HIGHH3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injectionEPSS 1.3%CVE-2023-20026MEDIUMA vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allEPSS 1.3%CVE-2025-59741CRITICALMultiple vulnerabilities in AndSoft's e-TMSEPSS 1.3%CVE-2023-27407CRITICALA vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properlyEPSS 1.3%CVE-2024-43027HIGHDrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discoveredEPSS 1.3%CVE-2026-7653MEDIUMr-huijts mcp-server-rijksmuseum MCP index.ts open_image_in_browser os command injectionEPSS 1.3%CVE-2023-36754CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 1.3%CVE-2023-36753CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 1.3%CVE-2023-36751CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 1.3%CVE-2023-36750CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 1.3%CVE-2023-36752CRITICALA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 1.3%CVE-2021-41143HIGHOpenMage LTS arbitrary file deletion in customer media allows for remote code executionEPSS 1.3%CVE-2025-37092HIGHA command injection remote code execution vulnerability exists in HPE StoreOnce Software.EPSS 1.3%CVE-2025-5146MEDIUMNetcore NBR200V2 HTTP Header routerd passwd_set command injectionEPSS 1.3%CVE-2023-22913HIGHA post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4EPSS 1.3%CVE-2025-37089HIGHA command injection remote code execution vulnerability exists in HPE StoreOnce Software.EPSS 1.3%CVE-2023-6999HIGHPods - Custom Content Types and Fields - Authenticated (Contributor+) Remote Code ExecutionEPSS 1.3%CVE-2025-5145MEDIUMNetcore POWER13 Query String cgi-bin command injectionEPSS 1.3%