Weaknesses of type CWE-77
2,524 resultsCVE-2024-57234MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apclEPSS 1.2%CVE-2024-57230MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apclEPSS 1.2%CVE-2024-57233MEDIUMNETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_dEPSS 1.2%CVE-2023-48702HIGHJellyfin Possible Remote Code Execution via custom FFmpeg binaryEPSS 1.2%CVE-2025-4850MEDIUMTOTOLINK N300RH cstecgi.cgi setUnloadUserData command injectionEPSS 1.2%CVE-2025-4729MEDIUMTOTOLINK A3002R/A3002RU HTTP POST Request formMapDelDevice command injectionEPSS 1.2%CVE-2026-12223MEDIUMYealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injectionEPSS 1.2%CVE-2025-27212CRITICALAn Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi AccesEPSS 1.2%CVE-2023-40263HIGHAn issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection via ftp.EPSS 1.2%CVE-2023-26128HIGHAll versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sanEPSS 1.2%CVE-2025-22630CRITICALWordPress Widget Options Plugin <= 4.1.0 - Arbitrary Code Execution vulnerabilityEPSS 1.2%CVE-2025-53104CRITICALgluestack-ui Command Injection Vulnerability via discussion-to-slack GitHub Action WorkflowEPSS 1.2%CVE-2026-12814MEDIUMComfast CF-WR631AX V3 API Endpoint mbox-config system os command injectionEPSS 1.2%CVE-2026-12808MEDIUMEdimax BR-6478AC V2 POST Request stainfo command injectionEPSS 1.2%CVE-2026-8774MEDIUMEdimax BR-6228NC POST Request mp command injectionEPSS 1.2%CVE-2026-8753MEDIUMkalcaddle Kodbox fileThumb Plugin VideoResize.class.php parseVideoInfo command injectionEPSS 1.2%CVE-2024-10435MEDIUMdidi Super-Jacoco triggerEnvCov command injectionEPSS 1.2%CVE-2026-12807MEDIUMEdimax BR-6478AC V2 POST Request setWAN command injectionEPSS 1.2%CVE-2024-38486HIGHDell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special ElemenEPSS 1.2%CVE-2024-2947HIGHCockpit: command injection when deleting a sosreport with a crafted nameEPSS 1.2%