Fallos del tipo CWE-78
3786 resultadosCVE-2023-51123CRITICALAn issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the seEPSS 24.4%CVE-2024-4884CRITICALWhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution VulnerabilityEPSS 24.3%CVE-2022-36309—Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a root command injection vulnerability in the ActiveBank parameter ofEPSS 24.1%CVE-2023-37569HIGHOS Command Injection Vulnerability in Emagic Data Center Management SuiteEPSS 24.0%CVE-2025-27364CRITICALIn MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implantEPSS 23.8%CVE-2020-4006CRITICALVMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerabiliEPSS 23.8%KEVCVE-2024-7467MEDIUMRaisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_ip_network.php sslvpn_config_mod os command injectionEPSS 23.4%CVE-2024-5411HIGHCommand InjectionEPSS 23.4%CVE-2026-25089CRITICALA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 thEPSS 23.4%CVE-2023-32150MEDIUMD-Link DIR-2640 PrefixLen Command Injection Remote Code Execution VulnerabilityEPSS 23.4%CVE-2023-32153MEDIUMD-Link DIR-2640 EmailFrom Command Injection Remote Code Execution VulnerabilityEPSS 23.4%CVE-2024-46658HIGHSyrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability.EPSS 23.1%CVE-2023-27076CRITICALCommand injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.EPSS 22.9%CVE-2025-34117CRITICALNetcore / Netis Routers RCE via UDP Port 53413 BackdoorEPSS 22.9%CVE-2026-0652HIGHRemote Code Execution on TP-Link Tapo C260 by Guest UserEPSS 22.8%CVE-2022-32572CRITICALAn os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A sEPSS 22.7%CVE-2024-9977MEDIUMMitraStar GPT-2541GNAC Firewall Settings Page settings-firewall.cgi os command injectionEPSS 22.1%CVE-2023-2479CRITICALOS Command Injection in appium/appium-desktopEPSS 22.0%CVE-2022-45942HIGHA Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.EPSS 22.0%CVE-2024-47908CRITICALOS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privilegeEPSS 22.0%