Weaknesses of type CWE-78
3,804 resultsCVE-2020-15428CRITICALThis vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. AuthenEPSS 8.1%CVE-2025-5439MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 verifyFacebookLike os command injectionEPSS 8.1%CVE-2025-5440MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 NTP os command injectionEPSS 8.1%CVE-2025-50989CRITICALOPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edEPSS 8.0%CVE-2025-50475CRITICALAn OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute EPSS 7.9%CVE-2025-11285MEDIUMsamanhappy MCPHub serverController.ts os command injectionEPSS 7.9%CVE-2024-2897MEDIUMTenda AC7 WriteFacMac formWriteFacMac os command injectionEPSS 7.9%CVE-2023-26213HIGHOn Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exisEPSS 7.9%CVE-2024-5340MEDIUMRuijie RG-UAC sub_commit.php os command injectionEPSS 7.9%CVE-2024-5338MEDIUMRuijie RG-UAC online.php os command injectionEPSS 7.9%CVE-2024-5339MEDIUMRuijie RG-UAC online_check.php os command injectionEPSS 7.9%CVE-2024-4507MEDIUMRuijie RG-UAC static_route_add_ipv6.php os command injectionEPSS 7.9%CVE-2025-20029HIGHBIG-IP iControl REST and tmsh vulnerabilityEPSS 7.8%CVE-2025-34513CRITICALIlevia EVE X1 Server 4.7.18.0.eden Unauthenticated Command InjectionEPSS 7.7%CVE-2025-8818MEDIUMLinksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setLan setDFSSetting os command injectionEPSS 7.7%CVE-2024-13985CRITICALDahua EIMS capture_handle.action RCEEPSS 7.7%CVE-2021-32849HIGHArbitrary command execution in GerapyEPSS 7.6%CVE-2024-6187MEDIUMRuijie RG-UAC sub_commit.php os command injectionEPSS 7.6%CVE-2024-4506MEDIUMRuijie RG-UAC ip_addr_edit_commit.php os command injectionEPSS 7.6%CVE-2026-6204HIGHLibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config EPSS 7.5%