Falhas do tipo CWE-78
3.786 resultadosCVE-2017-3506HIGHVulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are EPSS 96.0%KEVCVE-2022-2068CRITICALThe c_rehash script allows command injectionEPSS 95.8%CVE-2024-1212CRITICALLoadMaster Pre-Authenticated OS Command InjectionEPSS 95.4%KEVCVE-2024-51378CRITICALgetresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authenticatEPSS 94.9%KEVCVE-2024-9474MEDIUMPAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management InterfaceEPSS 94.8%KEVCVE-2021-33544HIGHUDP Technology/Geutebrück camera devices: command injection leading to RCEEPSS 94.6%CVE-2024-8517CRITICALSPIP Bigup Multipart File Upload OS Command InjectionEPSS 94.6%CVE-2017-18368CRITICALThe ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability inEPSS 94.5%KEVCVE-2024-2389CRITICALFlowmon Unauthenticated Command Injection VulnerabilityEPSS 93.9%CVE-2018-14933CRITICALupgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeupEPSS 93.7%KEVCVE-2024-7120MEDIUMRaisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injectionEPSS 93.4%CVE-2022-33891HIGHApache Spark shell command injection vulnerability via Spark UIEPSS 93.0%KEVCVE-2018-11138CRITICALThe '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users andEPSS 91.9%KEVCVE-2022-31137CRITICALUnauthenticated Remote Code Execution in Roxy-WIEPSS 90.4%CVE-2021-21315HIGHCommand Injection VulnerabilityEPSS 90.2%KEVCVE-2023-20273HIGHA vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the priEPSS 89.6%KEVCVE-2019-17621CRITICALThe UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execEPSS 89.6%KEVCVE-2018-14839CRITICALLG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POEPSS 89.4%KEVCVE-2024-29972CRITICAL** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions bEPSS 89.2%CVE-2023-47218MEDIUMQTS, QuTS hero, QuTScloudEPSS 89.2%