Weaknesses of type CWE-77

2,523 results
CVE-2024-32766CRITICALQTS, QuTS hero, QuTScloudEPSS 2.3%CVE-2023-43207HIGHD-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vuEPSS 2.3%CVE-2023-43204HIGHD-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50. This vulnerability EPSS 2.3%CVE-2023-43202HIGHD-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler. This vuEPSS 2.3%CVE-2026-6118MEDIUMAstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injectionEPSS 2.3%CVE-2023-25911CRITICALAuthenticated OS Command Injection in Danfoss AK-EM100EPSS 2.3%CVE-2024-28545CRITICALTenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function.EPSS 2.3%CVE-2023-49898Apache StreamPark (incubating): Authenticated system users could trigger remote command executionEPSS 2.3%CVE-2021-27447CRITICALMesa Labs AmegaView command injectionEPSS 2.3%CVE-2025-59834CRITICALCommand Injection in adb-mcp MCP ServerEPSS 2.3%CVE-2023-26866CRITICALGreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3_V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerabEPSS 2.3%CVE-2019-6579A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port EPSS 2.3%CVE-2025-4135MEDIUMNetgear WG302v2 ui_get_input_value command injectionEPSS 2.3%CVE-2026-5973MEDIUMFoundationAgents MetaGPT common.py get_mime_type os command injectionEPSS 2.3%CVE-2026-5030MEDIUMTotolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injectionEPSS 2.3%CVE-2025-22912CRITICALRE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept.EPSS 2.3%CVE-2025-59831HIGH`git-comiters` Command Injection vulnerabilityEPSS 2.3%CVE-2026-2686CRITICALSECCN Dingcheng G10 session_login.cgi qq os command injectionEPSS 2.3%CVE-2025-60702MEDIUMA command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The EPSS 2.3%CVE-2021-4329MEDIUMjson-logic-js logic.js command injectionEPSS 2.3%