Fallos del tipo CWE-78

3822 resultados
CVE-2025-6621MEDIUMTOTOLINK CA300-PoE ap.so QuickSetting os command injectionEPSS 2.7%CVE-2026-10873HIGHShibby Tomato Web UI rstats rstats_path os command injectionEPSS 2.7%CVE-2021-21877CRITICALSpecially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests EPSS 2.7%CVE-2021-21876CRITICALSpecially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests toEPSS 2.7%CVE-2018-25083CRITICALThe pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.EPSS 2.7%CVE-2022-30308CRITICALFESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerabilityEPSS 2.7%CVE-2023-26921CRITICALOS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd.EPSS 2.7%CVE-2025-6619MEDIUMTOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injectionEPSS 2.7%CVE-2025-6618MEDIUMTOTOLINK CA300-PoE wps.so SetWLanApcliSettings os command injectionEPSS 2.7%CVE-2024-5181CRITICALCommand Injection in mudler/localaiEPSS 2.7%CVE-2019-7198Command Injection Vulnerability in QTS and QuTS heroEPSS 2.7%CVE-2024-52587LOWHarden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts`EPSS 2.7%CVE-2026-56274HIGHFlowise - Remote Code Execution via MCP Security Bypass in validateCommandFlags and validateArgsForLocalFileAccessEPSS 2.7%CVE-2026-22225HIGHCommand Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0EPSS 2.7%CVE-2022-42999HIGHD-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /gEPSS 2.7%CVE-2025-1244HIGHEmacs: shell injection vulnerability in gnu emacs via custom "man" uri schemeEPSS 2.7%CVE-2022-0841LOWOS Command Injection in ljharb/npm-lockfileEPSS 2.7%CVE-2025-1339MEDIUMTOTOLINK X18 cstecgi.cgi setL2tpdConfig os command injectionEPSS 2.7%CVE-2021-33721A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elementEPSS 2.7%CVE-2025-56111HIGHOS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request toEPSS 2.7%