Weaknesses of type CWE-77
2,524 resultsCVE-2025-2727HIGHH3C Magic NX30 Pro HTTP POST Request getNetworkStatus command injectionEPSS 1.1%CVE-2025-2732HIGHH3C Magic BE18000 HTTP POST Request getWifiNeighbour command injectionEPSS 1.1%CVE-2023-0093HIGHOkta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command injection due to the third party library webbrowEPSS 1.1%CVE-2024-44574HIGHRELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function.EPSS 1.1%CVE-2024-44572HIGHRELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function.EPSS 1.1%CVE-2023-43322HIGHZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to vEPSS 1.1%CVE-2026-20094HIGHCisco Integrated Management Controller Command Injection VulnerabilityEPSS 1.1%CVE-2024-57590CRITICALTRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attEPSS 1.1%CVE-2022-25916HIGHVersions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scaEPSS 1.1%CVE-2022-34660MEDIUMA vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), TeamcenteEPSS 1.1%CVE-2024-55062CRITICALCode Injection vulnerability in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitraryEPSS 1.1%CVE-2026-7730MEDIUMprivsim mcp-test-runner MCP index.ts child_process.spawn os command injectionEPSS 1.1%CVE-2026-10279MEDIUMhiraishikentaro wezterm-mcp switch_pane/write_to_specific_pane wezterm_executor.ts os command injectionEPSS 1.1%CVE-2025-27083HIGHAuthenticated Command Injection Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management InterfaceEPSS 1.1%CVE-2025-46428HIGHDell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('CommEPSS 1.1%CVE-2022-43623MEDIUMThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. AlEPSS 1.1%CVE-2025-50755MEDIUMWavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_cmd function via the command parameter. This EPSS 1.1%CVE-2024-25081MEDIUMSplinefont in FontForge through 20230101 allows command injection via crafted filenames.EPSS 1.1%CVE-2024-12442CRITICALCommand injection in EnerSys AMPA versions 24.04 through 24.16, inclusiveEPSS 1.1%CVE-2023-24467HIGHPossible Command Injection in OpenText iManagerEPSS 1.1%