Falhas do tipo CWE-77

2.524 resultados
CVE-2023-22765HIGHAuthenticated Remote Command Execution in the ArubaOS Command Line InterfaceEPSS 1.5%CVE-2023-22767HIGHAuthenticated Remote Command Execution in the ArubaOS Command Line InterfaceEPSS 1.5%CVE-2023-22763HIGHAuthenticated Remote Command Execution in the ArubaOS Command Line InterfaceEPSS 1.5%CVE-2023-22764HIGHAuthenticated Remote Command Execution in the ArubaOS Command Line InterfaceEPSS 1.5%CVE-2024-22197HIGHAuthenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)EPSS 1.5%CVE-2025-59735CRITICALMultiple vulnerabilities in AndSoft's e-TMSEPSS 1.5%CVE-2023-28832HIGHA vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versiEPSS 1.5%CVE-2024-43028CRITICALA command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code EPSS 1.5%CVE-2022-32665CRITICALIn Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no adEPSS 1.5%CVE-2023-49040CRITICALAn issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_intEPSS 1.5%CVE-2024-39963HIGHAX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered EPSS 1.5%CVE-2026-9347MEDIUMEdimax EW-7438RPn webs formWizSurvey os command injectionEPSS 1.5%CVE-2026-9343MEDIUMEdimax EW-7438RPn webs formWpsStart os command injectionEPSS 1.5%CVE-2023-46993CRITICALIn TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which canEPSS 1.5%CVE-2023-46976CRITICALTOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function.EPSS 1.5%CVE-2023-46979CRITICALTOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfgEPSS 1.5%CVE-2025-4678HIGHRemote Code Execution leads to Command InjectionEPSS 1.5%CVE-2022-35518MEDIUMWAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command iEPSS 1.5%CVE-2022-42897CRITICALArray Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and contEPSS 1.5%CVE-2024-22546MEDIUMTRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privEPSS 1.5%