Fallos del tipo CWE-77

2523 resultados
CVE-2023-31531HIGHMotorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter.EPSS 2.2%CVE-2025-8665MEDIUMagno-agi agno Model Context Protocol mcp.py MultiMCPTools os command injectionEPSS 2.2%CVE-2023-41029HIGHJuplink RX4-1500 Command Injection VulnerabilityEPSS 2.2%CVE-2026-6140CRITICALTotolink A7100RU CGI cstecgi.cgi UploadFirmwareFile os command injectionEPSS 2.2%CVE-2026-10870HIGHShibby Tomato Web UI rc start_dhcpc os command injectionEPSS 2.2%CVE-2026-10871HIGHShibby Tomato Web UI rc start_6rd_tunnel os command injectionEPSS 2.2%CVE-2025-53355HIGHmcp-server-kubernetes vulnerable to command injection in several toolsEPSS 2.2%CVE-2025-8667MEDIUMSkyworkAI DeepResearchAgent tools.py from_mcp os command injectionEPSS 2.2%CVE-2025-8697MEDIUMagentUniverse MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injectionEPSS 2.2%CVE-2026-1623MEDIUMTotolink A7000R cstecgi.cgi setUpgradeFW command injectionEPSS 2.2%CVE-2026-5101MEDIUMTotolink A3300R Parameter cstecgi.cgi setLanCfg command injectionEPSS 2.2%CVE-2020-2490HIGHIf exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP SysteEPSS 2.2%CVE-2025-0328MEDIUMKaiYuanTong ECT Platform HTTP POST Request runCode.php command injectionEPSS 2.2%CVE-2026-6132CRITICALTotolink A7100RU CGI cstecgi.cgi setLedCfg os command injectionEPSS 2.2%CVE-2026-34243CRITICALwenxian: Command Injection in GitHub Actions Workflow via `issue_comment.body`EPSS 2.2%CVE-2025-57285CRITICALcodeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatEPSS 2.2%CVE-2026-5102MEDIUMTotolink A3300R Parameter cstecgi.cgi setSmartQosCfg command injectionEPSS 2.2%CVE-2025-52284MEDIUMTotolink X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_4184C0 function via the tz parametEPSS 2.2%CVE-2023-29803CRITICALTOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN EPSS 2.2%CVE-2026-38835CRITICALTenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartEPSS 2.1%