Weaknesses of type CWE-77
2,524 resultsCVE-2026-9424MEDIUMEdimax EW-7438RPn Content-Type formWlanMP os command injectionEPSS 1.2%CVE-2025-14204MEDIUMTykoDev cherry-studio-TykoFork OAuth Server Discovery oauth-authorization-server redirectToAuthorization os command injectionEPSS 1.2%CVE-2025-46427HIGHDell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('CommaEPSS 1.2%CVE-2024-20432CRITICALCisco Nexus Dashboard Fabric Controller Web UI Command Injection VulnerabilityEPSS 1.1%CVE-2022-32203CRITICALThere is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privilegeEPSS 1.1%CVE-2025-28017MEDIUMTOTOLINK A800R V4.1.2cu.5032_B20200408 is vulnerable to Command Injection in downloadFile.cgi via the QUERY_STRING parameter.EPSS 1.1%CVE-2024-30167MEDIUM/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a PEPSS 1.1%CVE-2025-54377HIGHRoo Code Lacks Line Break Validation in its Command Execution ToolEPSS 1.1%CVE-2023-1168HIGHAuthenticated Remote Code Execution in Aruba CX SwitchesEPSS 1.1%CVE-2025-59468CRITICALThis vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a
malicious passworEPSS 1.1%CVE-2026-23778HIGHDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release verEPSS 1.1%CVE-2026-5678MEDIUMTotolink A7100RU cstecgi.cgi setScheduleCfg os command injectionEPSS 1.1%CVE-2026-5677MEDIUMTotolink A7100RU cstecgi.cgi CsteSystem os command injectionEPSS 1.1%CVE-2023-26130HIGHVersions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the contEPSS 1.1%CVE-2025-55901MEDIUMTOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function NTPSyncWithHost via the host_time parameter.EPSS 1.1%CVE-2025-55893MEDIUMTOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via hostName.EPSS 1.1%CVE-2026-33111HIGHCopilot Chat (Microsoft Edge) Information Disclosure VulnerabilityEPSS 1.1%CVE-2025-29228CRITICALLinksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.EPSS 1.1%CVE-2025-29229CRITICALlinksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.EPSS 1.1%CVE-2025-61141HIGHsqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environmeEPSS 1.1%