Fallos del tipo CWE-78

3848 resultados
CVE-2026-5678MEDIUMTotolink A7100RU cstecgi.cgi setScheduleCfg os command injectionEPSS 1.1%CVE-2024-45698CRITICALD-Link WiFi router - OS Command InjectionEPSS 1.1%CVE-2012-10033CRITICALNarcissus backend.php Image Configuration Command InjectionEPSS 1.1%CVE-2025-34116HIGHIPFire < 2.19 Core Update 101 proxy.cgi RCEEPSS 1.1%CVE-2021-32826MEDIUMRemote code execution in Proxyee-DownEPSS 1.1%CVE-2025-56124HIGHOS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands viaEPSS 1.1%CVE-2025-39240HIGHSome Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. AttackerEPSS 1.1%CVE-2024-25568HIGHOS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent unauthenticated attacker to execute arbitrary OSEPSS 1.1%CVE-2024-9200HIGHA post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versEPSS 1.1%CVE-2018-15380HIGHCisco HyperFlex Software Command Injection VulnerabilityEPSS 1.1%CVE-2021-42796CRITICALAn issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticateEPSS 1.1%CVE-2024-0815CRITICALCommand injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0EPSS 1.1%CVE-2023-33239HIGHSecond Order Command-injection Vulnerability in the Key-generation FunctionEPSS 1.1%CVE-2024-57595CRITICALDLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attaEPSS 1.1%CVE-2026-6893HIGHDracut: dracut: root code execution via dhcp options command injectionEPSS 1.1%CVE-2023-4855HIGH A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to exeEPSS 1.1%CVE-2024-2659HIGH A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to exeEPSS 1.1%CVE-2026-50043HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If thiEPSS 1.1%CVE-2024-12009HIGHA post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and eEPSS 1.1%CVE-2024-11253HIGHA post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmEPSS 1.1%