Falhas do tipo CWE-78
3.786 resultadosCVE-2023-6895MEDIUMHikvision Intercom Broadcasting System ping.php os command injectionEPSS 89.1%CVE-2024-8190HIGHAn OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attEPSS 89.0%KEVCVE-2017-17411—This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not reqEPSS 87.9%CVE-2023-40504CRITICALLG Simple Editor readVideoInfo Command Injection Remote Code Execution VulnerabilityEPSS 87.8%CVE-2019-16057CRITICALThe login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.EPSS 87.2%KEVCVE-2018-9276HIGHAn issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console withEPSS 87.2%KEVCVE-2023-34127HIGHImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall AnalytiEPSS 86.7%CVE-2023-4542MEDIUMD-Link DAR-8000-10 sys1.php os command injectionEPSS 86.5%CVE-2024-3721MEDIUMTBK DVR-4104/DVR-4216 os command injectionEPSS 86.5%CVE-2022-31814CRITICALpfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP HEPSS 86.4%CVE-2018-6961HIGHVMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This coEPSS 86.4%KEVCVE-2016-20016CRITICALMVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote EPSS 86.3%CVE-2024-29973CRITICAL** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5EPSS 86.2%CVE-2026-1731CRITICALRemote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)EPSS 86.1%KEVCVE-2020-2038HIGHPAN-OS: OS command injection vulnerability in the management web interfaceEPSS 86.1%CVE-2025-34037CRITICALLinksys Routers E/WAG/WAP/WES/WET/WRT-SeriesEPSS 85.4%CVE-2020-26217HIGHRemote Code Execution in XStreamEPSS 85.0%CVE-2024-20328MEDIUMClamAV VirusEvent File Processing Command Injection VulnerabilityEPSS 84.8%CVE-2022-24697CRITICALApache Kylin prior to 4.0.2 allows command injection when the configuration overwrites function overwrites system parametersEPSS 84.8%CVE-2020-15415CRITICALOn DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution vEPSS 84.6%KEV