Fallos del tipo CWE-77
2524 resultadosCVE-2024-22546MEDIUMTRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privEPSS 1.5%CVE-2025-4851MEDIUMTOTOLINK N300RH cstecgi.cgi setUploadUserData command injectionEPSS 1.5%CVE-2025-4849MEDIUMTOTOLINK N300RH cstecgi.cgi CloudACMunualUpdateUserdata command injectionEPSS 1.5%CVE-2023-31996HIGHHanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storagEPSS 1.5%CVE-2025-59470CRITICALThis vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or oEPSS 1.5%CVE-2024-42505CRITICALUnauthenticated Command Injection Vulnerabilities in the CLI Service Accessed by the PAPI ProtocolEPSS 1.5%CVE-2026-7548HIGHTotolink NR1800X cstecgi.cgi sub_41A68C command injectionEPSS 1.5%CVE-2024-4267HIGHRemote Code Execution in parisneo/lollms-webuiEPSS 1.5%CVE-2024-30572HIGHNetgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter.EPSS 1.5%CVE-2018-19015—An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a EPSS 1.5%CVE-2023-40301CRITICALNETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.EPSS 1.5%CVE-2025-55294CRITICALCommand Injection via `format` option in screenshot-desktopEPSS 1.5%CVE-2025-2367MEDIUMOiwtech OIW-2431APGN-HP Personal Script Submenu formScript os command injectionEPSS 1.5%CVE-2024-57583CRITICALTenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf functiEPSS 1.5%CVE-2024-37385CRITICALRoundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: thEPSS 1.5%CVE-2022-21191HIGHVersions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checEPSS 1.5%CVE-2025-37102HIGHAuthenticated Command Injection Vulnerability In Instant On Command Line InterfaceEPSS 1.5%CVE-2022-40100CRITICALTenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.EPSS 1.5%CVE-2024-48860CRITICALQHoraEPSS 1.5%CVE-2024-25998HIGHPHOENIX CONTACT: Command injection in the OCPP ServiceEPSS 1.5%