Fallos del tipo CWE-77

2524 resultados
CVE-2026-9476CRITICALTotolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injectionEPSS 1.9%CVE-2024-40110CRITICALSourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimagEPSS 1.9%CVE-2026-9456CRITICALTotolink A8000RU Web Management cstecgi.cgi setOpenVpnCfg os command injectionEPSS 1.9%CVE-2026-9454CRITICALTotolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injectionEPSS 1.9%CVE-2026-9475CRITICALTotolink A8000RU Web Management cstecgi.cgi setIpQosRules os command injectionEPSS 1.9%CVE-2026-9478CRITICALTotolink A8000RU Web Management cstecgi.cgi setParentalRules os command injectionEPSS 1.9%CVE-2026-9455CRITICALTotolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injectionEPSS 1.9%CVE-2026-9435CRITICALTotolink A8000RU Web Management cstecgi.cgi setQosCfg os command injectionEPSS 1.9%CVE-2026-5547MEDIUMTenda AC10 httpd formAddMacfilterRule os command injectionEPSS 1.9%CVE-2026-4497MEDIUMTotolink WA300 cstecgi.cgi recvUpgradeNewFw os command injectionEPSS 1.9%CVE-2025-45489MEDIUMLinksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostnaEPSS 1.9%CVE-2024-44844HIGHDrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_commEPSS 1.9%CVE-2024-34204CRITICALTOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function vEPSS 1.9%CVE-2023-34232HIGHSnowflake NodeJS Driver vulnerable to Command InjectionEPSS 1.9%CVE-2024-30891HIGHA command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput paraEPSS 1.9%CVE-2023-51972CRITICALTenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp.EPSS 1.9%CVE-2026-5041MEDIUMcode-projects Chamber of Commerce Membership Management System pageMail.php fwrite command injectionEPSS 1.9%CVE-2025-61492CRITICALA command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary comEPSS 1.9%CVE-2025-58132MEDIUMZoom Clients for Windows - Command InjectionEPSS 1.9%CVE-2023-1457HIGHA vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. Affected is an unknown function of theEPSS 1.9%