Weaknesses of type CWE-77
2,522 resultsCVE-2026-7067MEDIUMD-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injectionEPSS 2.5%CVE-2024-21879HIGHURL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225EPSS 2.5%CVE-2023-51887CRITICALCommand Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in applicEPSS 2.5%CVE-2023-35390HIGH.NET and Visual Studio Remote Code Execution VulnerabilityEPSS 2.5%CVE-2025-14188HIGHUGREEN DH2100+ nas_svr create handler_file_backup_create command injectionEPSS 2.5%CVE-2024-41316CRITICALTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancEPSS 2.5%CVE-2021-22864—Unsafe configuration options in GitHub Pages leading to remote code execution on GitHub Enterprise ServerEPSS 2.5%CVE-2018-0454—Cisco Cloud Services Platform 2100 Command Injection VulnerabilityEPSS 2.5%CVE-2025-14586MEDIUMTOTOLINK X5000R cstecgi.cgi snprintf os command injectionEPSS 2.5%CVE-2024-48904CRITICALAn command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances.EPSS 2.5%CVE-2019-12629MEDIUMCisco SD-WAN vManage Command Injection VulnerabilityEPSS 2.5%CVE-2026-7242CRITICALTotolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injectionEPSS 2.5%CVE-2026-7243CRITICALTotolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injectionEPSS 2.4%CVE-2026-7202CRITICALTotolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injectionEPSS 2.4%CVE-2026-7204CRITICALTotolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injectionEPSS 2.4%CVE-2026-7241CRITICALTotolink A8000RU CGI cstecgi.cgi setWiFiBasicCfg os command injectionEPSS 2.4%CVE-2026-7203CRITICALTotolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injectionEPSS 2.4%CVE-2024-24321CRITICALAn issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_4EPSS 2.4%CVE-2024-31485HIGHA vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.30), SICORE Base system (All versions < V1EPSS 2.4%CVE-2025-22939CRITICALA command injection vulnerability in the telnet service of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root andEPSS 2.4%