Weaknesses of type CWE-77

2,524 results
CVE-2020-8101MEDIUMCommand execution due to unsanitized input in LifeShield DIY HD Video DoorbellEPSS 1.2%CVE-2023-6940CRITICALCommand InjectionEPSS 1.2%CVE-2022-25350HIGHAll versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization. EPSS 1.2%CVE-2023-27224CRITICALAn issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.EPSS 1.2%CVE-2024-11665HIGHUnauthenticated Remote Command InjectionEPSS 1.2%CVE-2024-12912HIGHAn improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2EPSS 1.2%CVE-2024-57211HIGHTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_EPSS 1.2%CVE-2024-6333HIGHAuthenticated Remote Code Execution in Altalink, Versalink & WorkCentre ProductsEPSS 1.2%CVE-2024-39373CRITICALImproper Neutralization of Special Elements used in a Command in TELSAT marKoni FM TransmitterEPSS 1.2%CVE-2021-32661MEDIUMTechDocs object element script injectionEPSS 1.2%CVE-2023-30353CRITICALShenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.EPSS 1.2%CVE-2026-42453HIGHTermix: Command injection in extractArchive/compressFiles via double-quote escaping bypassEPSS 1.2%CVE-2024-38894MEDIUMWAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlist_sync.cgi.EPSS 1.2%CVE-2025-23052HIGHAuthenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI InterfaceEPSS 1.2%CVE-2026-8217MEDIUMIndustrial Application Software IAS Canias ERP RMI Runtime.getRuntime.exec os command injectionEPSS 1.2%CVE-2025-12155HIGHCommand Injection in LookerEPSS 1.2%CVE-2024-57235MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_eEPSS 1.2%CVE-2024-57229MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the resEPSS 1.2%CVE-2024-57233MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_dEPSS 1.2%CVE-2024-57234MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apclEPSS 1.2%