Fallos del tipo CWE-77
2523 resultadosCVE-2026-4170CRITICALTopsec TopACM HTTP Request nmc_sync.php os command injectionEPSS 2.1%CVE-2026-2167MEDIUMTotolink WA300 cstecgi.cgi setAPNetwork os command injectionEPSS 2.1%CVE-2017-20156MEDIUMExciting Printer Argument prepare_page.rb command injectionEPSS 2.1%CVE-2026-4164CRITICALWavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injectionEPSS 2.1%CVE-2026-4467MEDIUMComfast CF-AC100 mbox-config command injectionEPSS 2.1%CVE-2018-0344—A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticaEPSS 2.0%CVE-2023-27135CRITICALTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setEPSS 2.0%CVE-2025-11045MEDIUMWAYOS LQ_04/LQ_05/LQ_06/LQ_07/LQ_09 usb_paswd.asp command injectionEPSS 2.0%CVE-2018-19950—If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP SystEPSS 2.0%CVE-2026-27811HIGHRoxy-WI has a Command Injection via diff parameter in config comparison allows authenticated RCEEPSS 2.0%CVE-2026-1638MEDIUMTenda AC21 mDMZSetCfg command injectionEPSS 2.0%CVE-2026-11451MEDIUMGL.iNet GL-MT3000 FTP Protocol glc snprintf command injectionEPSS 2.0%CVE-2026-4627HIGHD-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injectionEPSS 2.0%CVE-2024-45682HIGHMillbeck Communications Proroute H685t-w Command Injection.EPSS 2.0%CVE-2023-27229CRITICALTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanEPSS 2.0%CVE-2023-27231CRITICALTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWEPSS 2.0%CVE-2023-29800CRITICALTOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirEPSS 2.0%CVE-2023-29798CRITICALTOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTraceroEPSS 2.0%CVE-2023-29802CRITICALTOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfgEPSS 2.0%CVE-2023-29801CRITICALTOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection vulnerabilities via the rtLogEnabled and rtLogServEPSS 2.0%