Weaknesses of type CWE-77

2,524 results
CVE-2023-22913HIGHA post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4EPSS 1.3%CVE-2024-39563MEDIUMJunos Space: Remote Command Execution (RCE) vulnerability in web applicationEPSS 1.3%CVE-2025-37096HIGHA command injection remote code execution vulnerability exists in HPE StoreOnce Software.EPSS 1.3%CVE-2024-35285CRITICALA vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injectEPSS 1.3%CVE-2024-33508MEDIUMAn improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2EPSS 1.3%CVE-2024-45824CRITICALFactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input ValidationEPSS 1.3%CVE-2023-24330HIGHCommand Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via craEPSS 1.3%CVE-2026-24905MEDIUMInspektor Gadget has a Command Injection vulnerability in Makefile.buildEPSS 1.3%CVE-2023-7227CRITICALCommand Injection vulnerability in SystemK NVR 504/508/516EPSS 1.3%CVE-2023-24612CRITICALThe PdfBook extension through 2.0.5 before b07b6a64 for MediaWiki allows command injection via an option.EPSS 1.3%CVE-2024-24216CRITICALZentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via the checkConnection method of /app/zentao/mEPSS 1.3%CVE-2025-37134HIGHAuthenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management InterfaceEPSS 1.3%CVE-2025-37133HIGHAuthenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.EPSS 1.3%CVE-2025-3541HIGHH3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injectionEPSS 1.3%CVE-2022-27588CRITICALVulnerability in QVREPSS 1.3%CVE-2023-37469HIGHCasaOS Command Injection vulnerabilityEPSS 1.3%CVE-2026-38704CRITICALA command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IEPSS 1.3%CVE-2021-32660MEDIUMTechDocs content sanitization bypassEPSS 1.3%CVE-2025-23094HIGHThe Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, EPSS 1.3%CVE-2023-39809CRITICALN.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manaEPSS 1.3%