Falhas do tipo CWE-78

3.840 resultados
CVE-2026-2560MEDIUMkalcaddle kodbox Media File Preview Plugin VideoResize.class.php run os command injectionEPSS 1.7%CVE-2024-48825HIGHTenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.EPSS 1.7%CVE-2024-48826HIGHTenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.EPSS 1.7%CVE-2025-6559CRITICALSapido Wireless Router - OS Command InjectionEPSS 1.7%CVE-2026-58457CRITICALShenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.cspEPSS 1.7%CVE-2026-24101CRITICALAn issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into suEPSS 1.7%CVE-2022-1360HIGHCambium Networks cnMaestro OS Command InjectionEPSS 1.7%CVE-2023-47105HIGHexec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without autEPSS 1.7%CVE-2023-52028CRITICALTOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg funEPSS 1.7%CVE-2023-52029CRITICALTOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg funcEPSS 1.7%CVE-2025-66178MEDIUMA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiWeb 8.0.0 througEPSS 1.7%CVE-2026-36828HIGHA command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI compEPSS 1.7%CVE-2021-3617HIGHA vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted networEPSS 1.7%CVE-2024-55020CRITICALA command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attEPSS 1.7%CVE-2024-7448HIGHMagnet Forensics AXIOM Command Injection Remote Code Execution VulnerabilityEPSS 1.7%CVE-2026-22550HIGHOS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary EPSS 1.7%CVE-2024-42748CRITICALIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. AEPSS 1.7%CVE-2024-42744HIGHIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUserEPSS 1.7%CVE-2024-42742HIGHIn TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRuleEPSS 1.7%CVE-2026-30312CRITICALDSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechaniEPSS 1.7%