Falhas do tipo CWE-78
3.797 resultadosCVE-2025-2094MEDIUMTOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig os command injectionEPSS 11.0%CVE-2023-3608MEDIUMRuijie BCR810W Tracert Page os command injectionEPSS 10.9%CVE-2025-53679MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in FortinEPSS 10.8%CVE-2024-53376HIGHCyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field tEPSS 10.8%CVE-2019-1674HIGHCisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection VulnerabilityEPSS 10.8%CVE-2022-38841HIGHLinksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute paEPSS 10.7%CVE-2017-20216CRITICALFLIR Thermal Camera PT-Series firmware version 8.0.0.64 Unauthenticated Remote Command InjectionEPSS 10.6%CVE-2025-54123CRITICALHoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementationEPSS 10.5%CVE-2024-21786HIGHAn OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5.EPSS 10.5%CVE-2022-46552HIGHD-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlistEPSS 10.5%CVE-2022-37056CRITICALD-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,EPSS 10.3%CVE-2025-28137CRITICALThe TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg functEPSS 10.3%CVE-2026-25620HIGHArista Edge Threat Management NGFW Captive Portal Encrypted Password Command InjectionEPSS 10.2%CVE-2026-25622HIGHArista Edge Threat Management NGFW Captive Portal Custom Handler Command InjectionEPSS 10.2%CVE-2025-10327MEDIUMMiczFlor RPi-Jukebox-RFID shuffle.php os command injectionEPSS 10.2%CVE-2023-33012HIGHA command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX EPSS 10.1%CVE-2024-6047CRITICALGeoVision EOL device - OS Command InjectionEPSS 10.0%KEVCVE-2025-5573MEDIUMD-Link DCS-932L setSystemWizard setSystemControl os command injectionEPSS 10.0%CVE-2019-6739HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711. UseEPSS 9.9%CVE-2026-2184MEDIUMGreat Developers Certificate Generation System csv.php os command injectionEPSS 9.9%