Falhas do tipo CWE-77
2.516 resultadosCVE-2023-2649HIGHTenda AC23 Service Port 7329 ate command injectionEPSS 9.7%CVE-2025-45988CRITICALBlink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450EPSS 9.7%CVE-2026-3612HIGHWavlink WL-NU516U1 OTA Online Upgrade adm.cgi sub_405AF4 command injectionEPSS 9.5%CVE-2025-10328MEDIUMMiczFlor RPi-Jukebox-RFID playsinglefile.php os command injectionEPSS 9.4%CVE-2026-2080HIGHUTT HiPER 810 formUser setSysAdm command injectionEPSS 9.4%CVE-2025-14884HIGHD-Link DIR-605 Firmware Update Service command injectionEPSS 9.4%CVE-2024-22544HIGHAn issue was discovered in Linksys Router E1700 version 1.0.04 (build 3), allows authenticated attackers to execute arbitrary code via the sEPSS 9.3%CVE-2025-9387MEDIUMDCN DCME-720 Web Management Backend ip_block.php os command injectionEPSS 9.3%CVE-2025-14108HIGHZSPACE Q2C NAS HTTP POST Request open zfilev2_api.OpenSafe command injectionEPSS 9.2%CVE-2026-2847HIGHUTT HiPER 520 Web Management formReleaseConnect sub_44EFB4 os command injectionEPSS 9.2%CVE-2025-52690HIGHCommand Injection Vulnerability in the OmniAccess Stellar over UDP ServiceEPSS 9.2%CVE-2026-3066MEDIUMHummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injectionEPSS 9.1%CVE-2024-52739HIGHD-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function viEPSS 9.1%CVE-2023-50445HIGHShell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.EPSS 9.1%CVE-2026-3040MEDIUMDrayTek Vigor 300B Web Management uploadlangs cgiGetFile os command injectionEPSS 9.1%CVE-2024-35520HIGHNetgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.EPSS 9.1%CVE-2025-52377MEDIUMCommand injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to exeEPSS 9.0%CVE-2025-6898MEDIUMD-Link DI-7300G+ in proxy_client.asp os command injectionEPSS 9.0%CVE-2025-10628MEDIUMD-Link DIR-852 Web Management hedwig.cgi command injectionEPSS 8.8%CVE-2025-45488MEDIUMLinksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailexEPSS 8.8%