CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,570 vulnerabilities with CWE-77
CVE-2021-42559
HIGH
MITRE Caldera < 2.8.1 - Authenticated Command Injection via Startup Requirements
CVSS 8.8
CVE-2021-45456
CRITICAL
Apache Kylin 4.0.0 - Command Injection via Project Name Parameter
CVSS 9.8
CVE-2021-43711
CRITICAL
TOTOLINK EX200 V4.0.3c.7646_B20201211 - Command Injection
CVSS 9.8
CVE-2021-38542
MEDIUM
Apache James <3.6.1 - Command Injection
CVSS 5.9
CVE-2021-20167
HIGH
Netgear RAX43 1.0.3.96 - OS Command Injection via readycloud CGI Name Parameter
CVSS 8.0
CVE-2021-23727
HIGH
celery < 5.2.2 - Stored Command Injection via Backend Metadata Deserialization
CVSS 7.5
CVE-2021-45635
CRITICAL
NETGEAR CBR750 < 4.6.3.6 & Orbi < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45634
CRITICAL
NETGEAR CBR750 < 4.6.3.6 & Orbi < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45633
CRITICAL
NETGEAR CBR750 < 4.6.3.6 and RBR/RBS/RBK 750/850 < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45632
CRITICAL
NETGEAR devices <4.6.3.6-<3.2.17.12 - Command Injection
CVSS 9.6
CVE-2021-45631
CRITICAL
NETGEAR CBR40/RBR750/RBS750/RBK752/RBR850/RBS850/RBK852/CBR750 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45630
CRITICAL
NETGEAR CBR40/RBR750/RBS750/RBK752/RBR850/RBS850/RBK852/CBR750 - Unauthenticated Command Injection
CVSS 10.0
CVE-2021-45629
CRITICAL
NETGEAR CBR750 < 4.6.3.6 & Orbi < 3.2.17.12 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45628
CRITICAL
NETGEAR CBR40/RBR750/RBS750/RBK752/RBR850/RBS850/RBK852/RBS40V/RBW30/CBR750 Firmware - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45627
CRITICAL
NETGEAR CBR750/RBK852/RBR850/RBS850 - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45626
CRITICAL
NETGEAR RBK20/RBR20/RBS20/RBK40/RBR40/RBS40/RBK50/RBR50/RBS50/RBS50Y Firmware - Unauthenticated OS Command Injection
CVSS 9.6
CVE-2021-45625
CRITICAL
NETGEAR XR300/R7000P/R6900P Firmware - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45624
CRITICAL
NETGEAR Multiple Router Models Firmware - Unauthenticated Command Injection
CVSS 9.6
CVE-2021-45623
HIGH
NETGEAR R7800/R9000/XR500 Firmware - Unauthenticated Command Injection
CVSS 8.3
CVE-2021-45622
CRITICAL
NETGEAR devices - Command Injection
CVSS 9.6
CVE-2021-45621
CRITICAL
NETGEAR devices - Command Injection
CVSS 9.6
CVE-2021-45620
CRITICAL
NETGEAR devices - Command Injection
CVSS 9.6
CVE-2021-45619
CRITICAL
NETGEAR devices - Command Injection
CVSS 9.6
CVE-2021-45618
CRITICAL
NETGEAR devices <various - Command Injection
CVSS 9.6
CVE-2021-45617
CRITICAL
NETGEAR devices - Command Injection
CVSS 9.8
Details
Vulnerabilities
3,570
Exploit Likelihood
High