Fallos del tipo CWE-78
3840 resultadosCVE-2026-7538CRITICALTotolink A8000RU CGI cstecgi.cgi vulnerability os command injectionEPSS 1.8%CVE-2026-6156CRITICALTotolink A7100RU CGI cstecgi.cgi setIpQosRules os command injectionEPSS 1.8%CVE-2026-6139CRITICALTotolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os command injectionEPSS 1.8%CVE-2026-6131CRITICALTotolink A7100RU CGI cstecgi.cgi setTracerouteCfg os command injectionEPSS 1.8%CVE-2024-43648CRITICALAuthenticated command injection via <redacted>.exe <redacted> parameterEPSS 1.8%CVE-2019-1896HIGHCisco Integrated Management Controller CSR Generation Command Injection VulnerabilityEPSS 1.8%CVE-2019-5072HIGHAn exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart DualEPSS 1.8%CVE-2025-44960HIGHRUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.EPSS 1.8%CVE-2021-28804—Command Injection Vulnerabilities in QTS and QuTS heroEPSS 1.8%CVE-2021-28802—Command Injection Vulnerabilities in QTS and QuTS heroEPSS 1.8%CVE-2026-0756CRITICALgithub-kanban-mcp-server execAsync Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2021-1538MEDIUMCisco Common Services Platform Collector Command Injection VulnerabilityEPSS 1.8%CVE-2025-29631CRITICALGardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 allow commandEPSS 1.8%CVE-2022-44252CRITICALTOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the setUploadSetting function.EPSS 1.8%CVE-2022-44249CRITICALTOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function.EPSS 1.8%CVE-2022-44251CRITICALTOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function.EPSS 1.8%CVE-2022-44250CRITICALTOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function.EPSS 1.8%CVE-2025-56130HIGHOS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers to execute arbitrary commands via a craftEPSS 1.8%CVE-2026-9515MEDIUMTotolink CA750-PoE Setting cstecgi.cgi setUnloadUserData os command injectionEPSS 1.8%CVE-2026-5994CRITICALTotolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injectionEPSS 1.8%