Fallos del tipo CWE-78

3837 resultados
CVE-2021-32530CRITICALQSAN XEVO - Command Injection Following via Array functionEPSS 2.3%CVE-2025-56120HIGHOS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands viaEPSS 2.3%CVE-2025-56129HIGHOS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request toEPSS 2.3%CVE-2018-13284HIGHCommand injection vulnerability in ftpd in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to executEPSS 2.3%CVE-2018-13285HIGHCommand injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arEPSS 2.3%CVE-2025-56122HIGHOS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands EPSS 2.3%CVE-2025-56123HIGHOS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary cEPSS 2.3%CVE-2021-21386CRITICALImproper Neutralization of Argument Delimiters in a Decompiling Package ProcessEPSS 2.3%CVE-2022-46649HIGHAcemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary sheEPSS 2.3%CVE-2025-34312HIGHIPFire < v2.29 Command Injection via URL Filter BlacklistEPSS 2.3%CVE-2024-41317HIGHTOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_eEPSS 2.3%CVE-2025-29269CRITICALALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoinEPSS 2.3%CVE-2021-36023CRITICALMagento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code ExecutionEPSS 2.3%CVE-2022-46597CRITICALTRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the sys_service parameter in the setup_wizard_mydlEPSS 2.3%CVE-2022-46598CRITICALTRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the wps_sta_enrollee_pin parameter in the action sEPSS 2.3%CVE-2025-59834CRITICALCommand Injection in adb-mcp MCP ServerEPSS 2.3%CVE-2022-45996HIGHTenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output.EPSS 2.3%CVE-2026-5973MEDIUMFoundationAgents MetaGPT common.py get_mime_type os command injectionEPSS 2.3%CVE-2026-21861CRITICALbaserCMS: OS Command Injection Leading to Remote Code Execution (RCE)EPSS 2.3%CVE-2025-59831HIGH`git-comiters` Command Injection vulnerabilityEPSS 2.3%