Weaknesses of type CWE-77
2,524 resultsCVE-2024-44610MEDIUMPCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection via shell metacharacters iEPSS 1.0%CVE-2026-23823HIGHAuthenticated Command Injection leads to RCE in AOS-10 CLI CommandEPSS 1.0%CVE-2025-52903HIGHFile Browser Allows Execution of Shell Commands That Can Spawn Other CommandsEPSS 1.0%CVE-2022-25855HIGHAll versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input saniEPSS 1.0%CVE-2023-52042HIGHAn issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the 'lanEPSS 0.9%CVE-2025-7388HIGHAuthenticated Command Injection via configuration parameter manipulation in exposed RMI interfaceEPSS 0.9%CVE-2026-22284MEDIUMDell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('ComEPSS 0.9%CVE-2020-26273MEDIUMsqlite ATTACH allows some filesystem accessEPSS 0.9%CVE-2024-38492CRITICALSymantec Privileged Access Manager Remote Command Execution vulnerabilityEPSS 0.9%CVE-2024-32349MEDIUMTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtuEPSS 0.9%CVE-2026-23815HIGHAuthenticated Command Injection found in AOS-CX Administrative CLI CommandEPSS 0.9%CVE-2024-48747MEDIUMAn issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file.EPSS 0.9%CVE-2023-46687CRITICALEmerson Rosemount GC370XA, GC700XA, GC1500XA Command InjectionEPSS 0.9%CVE-2026-11455LOWFoundationAgents MetaGPT common.py check_cmd_exists command injectionEPSS 0.9%CVE-2017-12335—A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attackEPSS 0.9%CVE-2025-29062CRITICALAn issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_EPSS 0.9%CVE-2025-29063CRITICALAn issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hiEPSS 0.9%CVE-2026-35428CRITICALAzure Cloud Shell Spoofing VulnerabilityEPSS 0.9%CVE-2025-30264HIGHQTS, QuTS heroEPSS 0.9%CVE-2025-41451HIGHPost-Authentication OS Command Injection RCE in Danfoss AK-SM8xxA SeriesEPSS 0.9%