Weaknesses of type CWE-78
3,786 resultsCVE-2025-5446MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkCredentialsByBBS os command injectionEPSS 21.5%CVE-2025-5442MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_pingGatewayByBBS os command injectionEPSS 21.5%CVE-2025-5441MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 setDeviceURL os command injectionEPSS 21.5%CVE-2020-9377HIGHD-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products tEPSS 21.3%KEVCVE-2025-5445MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkFWByBBS os command injectionEPSS 21.3%CVE-2025-5443MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden os command injectionEPSS 21.3%CVE-2025-5444MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_UpgradeFWByBBS os command injectionEPSS 21.3%CVE-2025-10985HIGHOS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attackeEPSS 21.1%CVE-2025-10243HIGHOS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attackeEPSS 21.1%CVE-2025-10242HIGHOS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attackeEPSS 21.1%CVE-2023-0830MEDIUMEasyNAS backup.pl system os command injectionEPSS 20.9%CVE-2024-24576CRITICALRusts's `std::process::Command` did not properly escape arguments of batch files on WindowsEPSS 20.3%CVE-2025-54948CRITICALA vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious EPSS 20.3%KEVCVE-2022-45711CRITICALIP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTEPSS 20.2%CVE-2025-15472HIGHTRENDnet TEW-811DRU httpd uapply.cgi setDeviceURL os command injectionEPSS 20.1%CVE-2025-10775MEDIUMWavlink WL-NU516U1 login.cgi sub_4012A0 os command injectionEPSS 20.0%CVE-2025-32778CRITICALWeb-Check allows command Injection via Unvalidated URL in Screenshot APIEPSS 20.0%CVE-2024-9076MEDIUMDedeCMS article_string_mix.php os command injectionEPSS 19.8%CVE-2023-51385MEDIUMIn ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is refereEPSS 19.8%CVE-2017-14094—A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote commandEPSS 19.7%