Fallos del tipo CWE-74
4145 resultadosCVE-2026-1687MEDIUMTenda HG10 Boa Webserver formSamba command injectionEPSS 2.6%CVE-2025-50578CRITICALLinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically `X-Forwarded-Host` aEPSS 2.6%CVE-2026-3484MEDIUMPhialsBasement nmap-mcp-server Nmap CLI index.ts child_process.exec command injectionEPSS 2.6%CVE-2026-1625MEDIUMD-Link DWR-M961 SMS Message formSmsManage sub_4250E0 command injectionEPSS 2.6%CVE-2026-1624MEDIUMD-Link DWR-M961 formLtefotaUpgradeFibocom command injectionEPSS 2.6%CVE-2025-3249MEDIUMTOTOLINK A6000R mtkwifi.lua apcli_cancel_wps command injectionEPSS 2.6%CVE-2026-1689MEDIUMTenda HG10 Login formLogin checkUserFromLanOrWan command injectionEPSS 2.5%CVE-2026-5104MEDIUMTotolink A3300R cstecgi.cgi setStaticRoute command injectionEPSS 2.5%CVE-2026-4466MEDIUMComfast CF-AC100 mbox-config command injectionEPSS 2.5%CVE-2026-7067MEDIUMD-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injectionEPSS 2.5%CVE-2025-14188HIGHUGREEN DH2100+ nas_svr create handler_file_backup_create command injectionEPSS 2.5%CVE-2018-18996—LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attEPSS 2.5%CVE-2021-43818HIGHHTML Cleaner allows crafted and SVG embedded scripts to pass throughEPSS 2.5%CVE-2025-8937MEDIUMTOTOLINK N350R formSysCmd command injectionEPSS 2.4%CVE-2026-5177MEDIUMTotolink A3300R cstecgi.cgi setWiFiBasicCfg command injectionEPSS 2.4%CVE-2022-40145CRITICALApache Karaf: JDBC JAAS LDAP injectionEPSS 2.4%CVE-2022-31014MEDIUMSMTP Command Injection in iCalendar Attachments to emails via newlines in Nextcloud ServerEPSS 2.4%CVE-2020-5219HIGHRemote Code Execution in Angular ExpressionsEPSS 2.4%CVE-2026-12197HIGHRuijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injectionEPSS 2.4%CVE-2025-2473MEDIUMPHPGurukul Company Visitor Management System Sign In index.php sql injectionEPSS 2.4%