Weaknesses of type CWE-77

2,524 results
CVE-2026-10180MEDIUMTRENDnet TEW-432BRP formSysCmd command injectionEPSS 1.1%CVE-2026-12219MEDIUMYealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injectionEPSS 1.1%CVE-2026-9565MEDIUMhaojing8312 WorkClaw Blacklist bash.rs is_dangerous os command injectionEPSS 1.1%CVE-2025-44835MEDIUMD-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitEPSS 1.1%CVE-2023-51014HIGHTOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanEPSS 1.0%CVE-2023-51025HIGHTOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPEPSS 1.0%CVE-2025-50526CRITICALNetgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.EPSS 1.0%CVE-2026-11341MEDIUMD-Link DWR-M920 formIMEISetup sub_412DA0 os command injectionEPSS 1.0%CVE-2024-35241HIGHComposer vulnerable to command injection via malicious git branch nameEPSS 1.0%CVE-2025-29743MEDIUMD-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.EPSS 1.0%CVE-2024-32354MEDIUMTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSEPSS 1.0%CVE-2021-21406MEDIUMCommand Injection vulnerability in the Setup WizardEPSS 1.0%CVE-2026-52806CRITICALGogs: RCE via git rebase --exec argument injection in pull request mergeEPSS 1.0%CVE-2024-39569HIGHA vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications iEPSS 1.0%CVE-2024-32314LOWTenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.EPSS 1.0%CVE-2026-2333CRITICALImproper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opdsEPSS 1.0%CVE-2025-4231HIGHPAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web InterfaceEPSS 1.0%CVE-2025-45798MEDIUMA command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg inEPSS 1.0%CVE-2025-26056MEDIUMA command injection vulnerability exists in the Infinxt iEdge 100 2.1.32 in the Troubleshoot module "MTR" functionality. The vulnerability iEPSS 1.0%CVE-2025-61044MEDIUMTOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the agentName parameter in the setEasyMEPSS 1.0%