Falhas do tipo CWE-78
3.786 resultadosCVE-2023-38886—An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script.EPSS 31.8%CVE-2020-12513HIGHPepper+Fuchs Comtrol IO-Link Master OS Command InjectionEPSS 31.1%CVE-2023-6612MEDIUMTotolink X5000R cstecgi.cgi setWizardCfg os command injectionEPSS 30.7%CVE-2022-20964MEDIUMA vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to injEPSS 30.6%CVE-2024-22836CRITICALAn OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing EPSS 30.0%CVE-2023-4474CRITICALThe improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmwareEPSS 29.7%CVE-2024-51151HIGHD-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter.EPSS 29.7%CVE-2025-34143CRITICALETQ Reliance CG Authentication Bypass via Trailing Space RCEEPSS 29.6%CVE-2017-5173—An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0EPSS 29.6%CVE-2025-32821HIGHA vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell comEPSS 29.4%CVE-2023-34800CRITICALD-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.EPSS 29.3%CVE-2024-12847CRITICALNETGEAR DGN setup.cgi OS Command InjectionEPSS 29.0%CVE-2024-5585HIGHCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)EPSS 28.8%CVE-2022-2488HIGHWAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injectionEPSS 28.7%CVE-2022-45768HIGHCommand Injection vulnerability in Edimax Technology Co., Ltd. Wireless Router N300 Firmware BR428nS v3 allows attacker to execute arbitraryEPSS 28.7%CVE-2024-11120CRITICALGeoVision EOL devices - OS Command InjectionEPSS 28.6%KEVCVE-2023-5372HIGHThe post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versiEPSS 28.5%CVE-2024-10443CRITICALImproper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Task Manager component in SynoloEPSS 28.4%CVE-2023-33381HIGHA command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0EPSS 28.3%CVE-2019-19356HIGHNetis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability haEPSS 28.0%KEV