Weaknesses of type CWE-78
3,786 resultsCVE-2019-5127CRITICALA command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. ExploitableEPSS 45.3%CVE-1999-0043CRITICALCommand execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.EPSS 44.8%CVE-2020-10882HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: EPSS 44.4%CVE-2024-7591CRITICALImproper Input Validation vulnerability in Progress LoadMaster allows OS Command InjectionEPSS 44.1%CVE-2025-64155CRITICALAn improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, ForEPSS 42.6%CVE-2023-4473CRITICALA command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(EPSS 41.3%CVE-2022-46476CRITICALD-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function.EPSS 41.1%CVE-2025-5447MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 ssid1MACFilter os command injectionEPSS 41.0%CVE-2024-53375HIGHAn Authenticated Remote Code Execution (RCE) vulnerability affects the TP-Link Archer router series. A vulnerability exists in the "tmp_get_EPSS 40.7%CVE-2021-25297HIGHNagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/confiEPSS 40.6%KEVCVE-2023-2564CRITICALOS Command Injection in sbs20/scanservjsEPSS 40.5%CVE-2021-20044—A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS systemEPSS 40.1%CVE-2023-35138CRITICALA command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAEPSS 40.0%CVE-2025-10230CRITICALSamba: command injection in wins server hook scriptEPSS 39.7%CVE-2023-51572CRITICALVoltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution VulnerabilityEPSS 38.4%CVE-2019-11001HIGHOn Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionEPSS 38.4%KEVCVE-2025-7083MEDIUMBelkin F9K1122 webs mp os command injectionEPSS 38.1%CVE-2023-39367CRITICALAn OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specialEPSS 37.7%CVE-2017-6884HIGHA command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is locateEPSS 37.6%KEVCVE-2024-0921MEDIUMD-Link DIR-816 A2 Web Interface setDeviceSettings os command injectionEPSS 37.6%