CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,570 vulnerabilities with CWE-77
CVE-2020-8186
CRITICAL
devcert < 1.1.2 - Remote Code Execution via certificateFor Function
CVSS 9.8
CVE-2020-8188
HIGH
Unifi Cloud Key Gen2 Plus/UNVR - Privilege Escalation
CVSS 8.8
CVE-2020-5601
HIGH
Chrome Extension for e-Tax Reception System <Ver1.0.0.0 - Command I...
CVSS 8.8
CVE-2020-9583
CRITICAL
Magento < 1.9.4.5, 1.14.4.4, 2.2.11, 2.3.4 - Remote Code Execution
CVSS 9.8
CVE-2020-9582
CRITICAL
Magento < 1.9.4.5, 1.14.4.4, 2.2.11, 2.3.4-p2 - Remote Code Execution
CVSS 9.8
CVE-2020-9578
CRITICAL
Magento < 1.9.4.5, < 1.14.4.4, < 2.2.11, <= 2.3.4 - Remote Code Execution
CVSS 9.8
CVE-2020-9576
CRITICAL
Magento < 1.9.4.5, 1.14.4.4, 2.2.11, 2.3.4-p2 - Remote Code Execution
CVSS 9.8
CVE-2020-14472
CRITICAL
Draytek Vigor3900, Vigor2960, and Vigor300B Firmware < 1.5.1.1 - OS Command Injection in mainfunction.cgi
CVSS 9.8
CVE-2020-10561
CRITICAL
Xiaomi Mi Jia ink-jet printer < 3.4.6_0138 - Command Injection
CVSS 9.8
CVE-2020-12782
CRITICAL
Openfind MailGates - Command Injection
CVSS 9.8
CVE-2020-4059
HIGH
mversion < 2.0.0 - Remote Code Execution via Git Commit Message Injection
CVSS 7.3
CVE-2020-14442
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14441
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14440
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14439
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14438
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14437
HIGH
NETGEAR RBK/RBR/RBS 750/840/850 Series < 3.2.15.25 - Unauthenticated OS Command Injection
CVSS 8.8
CVE-2020-14436
HIGH
NETGEAR RBK/RBR/RBS 750/850/840 Series < 3.2.15.25 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14435
HIGH
NETGEAR SRK60/SRS60/SRR60/SRK60B03/SRK60B04/SRK60B05/SRK60B06 Firmware < 2.5.2.104 - Unauthenticated Command Injection
CVSS 8.8
CVE-2020-14434
MEDIUM
NETGEAR RBK/RBR/RBS 750/850/840 Series < 3.2.15.25 - Authenticated Command Injection
CVSS 6.8
CVE-2020-14433
MEDIUM
NETGEAR RBK/RBR/RBS 852/853/842/850/840/752/753/750 < 3.2.15.25 - Authenticated Command Injection
CVSS 6.8
CVE-2020-3279
HIGH
Cisco Small Business - Command Injection
CVSS 7.2
CVE-2020-3278
HIGH
Cisco Small Business - Command Injection
CVSS 7.2
CVE-2020-3277
HIGH
Cisco Small Business - Command Injection
CVSS 7.2
CVE-2020-3276
HIGH
Cisco Small Business - Command Injection
CVSS 7.2
Details
Vulnerabilities
3,570
Exploit Likelihood
High