Fallos del tipo CWE-78
3856 resultadosCVE-2025-25220HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in +F FS010M versions prior to V2.0.EPSS 1.0%CVE-2026-6849HIGHOS Command Injection in TUBITAK BILGEM's Pardus OS My ComputerEPSS 1.0%CVE-2026-30635HIGHCommand injection vulnerability in automagik-genie 2.5.27 MCP Server allows attackers to execute arbitrary commands via the view_task (aka vEPSS 1.0%CVE-2026-7256HIGH** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 coEPSS 1.0%CVE-2026-48732HIGHWarp: Remote SSH cwd can lead to unauthorized remote command executionEPSS 1.0%CVE-2024-38512HIGHA privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform coEPSS 1.0%CVE-2025-24817HIGHAn OS Command Injection vulnerability in Nokia MantaRay NMEPSS 1.0%CVE-2025-57457HIGHAn OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS CommandEPSS 1.0%CVE-2024-38508HIGHA privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an aEPSS 1.0%CVE-2024-38511HIGHA privilege escalation vulnerability was discovered in an upload processing functionality of XCC that could allow an authenticated XCC user EPSS 1.0%CVE-2024-35519HIGHNetgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi vEPSS 1.0%CVE-2023-26129HIGHAll versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwmEPSS 1.0%CVE-2022-42053HIGHTenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parEPSS 1.0%CVE-2025-25893HIGHAn OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the inIP, insPort, inePort, exsPort, exePort, and protocolEPSS 1.0%CVE-2025-25894HIGHAn OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the samba_wg and samba_nbn parameters. This vulnerability EPSS 1.0%CVE-2025-25895HIGHAn OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type parameter. This vulnerability allows attacEPSS 1.0%CVE-2023-35019HIGHIBM Security Verify Governance command executionEPSS 1.0%CVE-2024-48895HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Rakuten Turbo 5G firmware versionEPSS 1.0%CVE-2024-43778HIGHOS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticaEPSS 1.0%CVE-2022-43464HIGHHidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authEPSS 1.0%