Falhas do tipo CWE-78
3.801 resultadosCVE-2025-54136HIGHCursor's Modification of MCP Server Definitions Bypasses Manual Re-approvalsEPSS 7.5%CVE-2024-28027HIGHThree OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5EPSS 7.5%CVE-2024-28025HIGHThree OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5EPSS 7.5%CVE-2025-2172MEDIUMAviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line uEPSS 7.5%CVE-2020-8858HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.EPSS 7.4%CVE-2025-65202HIGHTRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP EPSS 7.2%CVE-2016-15048CRITICALAMTT HiBOS Command Injection RCE via server_ping.phpEPSS 7.2%CVE-2021-42784—OS Command Injection in debug_fcgi in D-Link DWR-932C E1 Firmware 1.0.0.4EPSS 7.1%CVE-2025-10326MEDIUMMiczFlor RPi-Jukebox-RFID single.php os command injectionEPSS 7.1%CVE-2025-5620MEDIUMD-Link DIR-816 setipsec_config os command injectionEPSS 7.1%CVE-2022-38066HIGHAn OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafEPSS 7.1%CVE-2024-4508MEDIUMRuijie RG-UAC static_route_edit_ipv6.php os command injectionEPSS 7.1%CVE-2024-4510MEDIUMRuijie RG-UAC arp_add_commit.php os command injectionEPSS 7.1%CVE-2025-12296MEDIUMD-Link DAP-2695 Firmware Update sub_4174B0 os command injectionEPSS 7.0%CVE-2025-6299MEDIUMTOTOLINK N150RT formWSC os command injectionEPSS 7.0%CVE-2025-34041CRITICALSangfor Endpoint Detection and Response OS Command InjectionEPSS 7.0%CVE-2024-51092CRITICALLibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(),EPSS 6.9%CVE-2025-10680HIGHOpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variableEPSS 6.9%CVE-2020-5757—Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attaEPSS 6.9%CVE-2025-9579MEDIUMLB-LINK BL-X26 HTTP set_hidessid_cfg os command injectionEPSS 6.9%