Weaknesses of type CWE-78
3,816 resultsCVE-2024-8234HIGH** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(), formUpgradeCert(), and formDelcert() in theEPSS 4.4%CVE-2013-10061HIGHNetgear Routers setup.cgi RCEEPSS 4.4%CVE-2020-5758—Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attaEPSS 4.4%CVE-2025-11491MEDIUMwonderwhy-er DesktopCommanderMCP command-manager.ts CommandManager os command injectionEPSS 4.4%CVE-2026-2143HIGHD-Link DIR-823X DDNS Service set_ddns os command injectionEPSS 4.3%CVE-2026-2129HIGHD-Link DIR-823X set_ac_status os command injectionEPSS 4.3%CVE-2017-16608—This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. AuthenticatiEPSS 4.3%CVE-2022-40222CRITICALAn OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A speciEPSS 4.3%CVE-2025-2717MEDIUMD-Link DIR-823X HTTP POST Request diag_nslookup sub_41710C os command injectionEPSS 4.3%CVE-2024-20399MEDIUMCisco NX-OS Software CLI Command Injection VulnerabilityEPSS 4.3%KEVCVE-2021-27476CRITICALRockwell Automation FactoryTalk AssetCentre OS Command InjectionEPSS 4.3%CVE-2021-24684—PDF Light Viewer < 1.4.12 - Authenticated Command InjectionEPSS 4.3%CVE-2026-8767LOWvercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injectionEPSS 4.3%CVE-2022-45709CRITICALIP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule paraEPSS 4.3%CVE-2022-45717CRITICALIP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUEPSS 4.3%CVE-2022-33328CRITICALMultiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-craftEPSS 4.3%CVE-2022-33325CRITICALMultiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-craftEPSS 4.3%CVE-2022-33329CRITICALMultiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-craftEPSS 4.3%CVE-2022-33314CRITICALMultiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-craEPSS 4.3%CVE-2022-33327CRITICALMultiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-craftEPSS 4.3%