Weaknesses of type CWE-78
3,878 resultsCVE-2025-60965CRITICALOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 1.2%CVE-2025-31104HIGHAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 throuEPSS 1.2%CVE-2025-56413HIGHOS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operationEPSS 1.2%CVE-2024-42978CRITICALAn issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a craftedEPSS 1.2%CVE-2025-64111CRITICALGogs's update .git/config file allows remote command executionEPSS 1.2%CVE-2022-44201CRITICALD-Link DIR823G 1.02B05 is vulnerable to Commad Injection.EPSS 1.2%CVE-2023-23355MEDIUMQTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVREPSS 1.2%CVE-2025-59377LOWfeiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is usEPSS 1.2%CVE-2026-23678HIGHBinardat 10G08-0800GSM Network Switch Traceroute CLI Command InjectionEPSS 1.2%CVE-2023-29412CRITICALCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command
Injection') vulnerability exists that could cause remEPSS 1.2%CVE-2023-38027CRITICALSpotCam Co., Ltd. SpotCam Sense - Command InjectionEPSS 1.2%CVE-2026-34794HIGHEndian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command InjectionEPSS 1.2%CVE-2023-35722HIGHNETGEAR RAX30 UPnP Command Injection Remote Code Execution VulnerabilityEPSS 1.2%CVE-2020-10603—WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely.EPSS 1.2%CVE-2024-5672HIGHRed Lion Europe: mbNET.mini vulnerable to OS command injectionEPSS 1.2%CVE-2022-25350HIGHAll versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization.
EPSS 1.2%CVE-2023-23362HIGHQTS, QuTS hero, QuTScloudEPSS 1.2%CVE-2024-2359CRITICALImproper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webuiEPSS 1.2%CVE-2022-21810HIGHAll versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization.
EPSS 1.2%CVE-2021-43984CRITICALmySCADA myPROEPSS 1.2%