Weaknesses of type CWE-78
3,846 resultsCVE-2022-3276HIGHPuppetlabs-mysql Command InjectionEPSS 1.6%CVE-2024-57022HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiEPSS 1.6%CVE-2024-57016HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAcEPSS 1.6%CVE-2024-57021HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiEPSS 1.6%CVE-2025-47901HIGHRCE on restore configuration passwordEPSS 1.6%CVE-2024-57017HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAcEPSS 1.6%CVE-2024-57019HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAEPSS 1.6%CVE-2024-57013HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setSchEPSS 1.6%CVE-2024-57020HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiEPSS 1.6%CVE-2024-57018HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAcEPSS 1.6%CVE-2025-47900HIGHRCE on backup configuration passwordEPSS 1.6%CVE-2024-57012HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setSchedEPSS 1.6%CVE-2024-57015HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setSchedEPSS 1.6%CVE-2022-27616HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DisEPSS 1.6%CVE-2024-36360CRITICALOS command injection vulnerability exists in awkblog v0.0.1 (commit hash:7b761b192d0e0dc3eef0f30630e00ece01c8d552) and earlier. If a remote EPSS 1.6%CVE-2023-23692HIGH
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially EPSS 1.6%CVE-2026-41247HIGHelFinder: Command injection in resize background color parameter when using ImageMagick CLIEPSS 1.6%CVE-2023-40072HIGHOS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS commaEPSS 1.6%CVE-2022-4978CRITICALSteppschuh Remote Control Server 3.1.1.12 Unauthenticated RCEEPSS 1.6%CVE-2024-45827HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Mesh Wi-Fi router RP562B firmwareEPSS 1.6%