CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,331 vulnerabilities with CWE-77
CVE-2026-7155
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setLoginPasswordCfg os command injection
CVSS 9.8
CVE-2026-7154
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setAdvancedInfoShow os command injection
CVSS 9.8
CVE-2026-7153
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection
CVSS 9.8
CVE-2026-7152
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setTelnetCfg os command injection
CVSS 9.8
CVE-2026-31255
CRITICAL
Tenda AC18 V15.03.05.05 - Command Injection
CVSS 9.8
CVE-2026-7140
CRITICAL
Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection
CVSS 9.8
CVE-2026-7139
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setWiFiAclRules os command injection
CVSS 9.8
CVE-2026-7138
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setNtpCfg os command injection
CVSS 9.8
CVE-2026-7137
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection
CVSS 9.8
CVE-2026-7136
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection
CVSS 9.8
CVE-2026-30352
CRITICAL
leonvanzyl autocoder 79d02a - RCE
CVSS 9.8
CVE-2026-7125
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection
CVSS 9.8
CVE-2026-7124
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection
CVSS 9.8
CVE-2026-7123
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setIptvCfg os command injection
CVSS 9.8
CVE-2026-7122
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection
CVSS 9.8
CVE-2026-7121
CRITICAL
Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection
CVSS 9.8
CVE-2026-7119
HIGH
Tenda HG3 formCountrystr os command injection
CVSS 8.8
CVE-2026-7102
MEDIUM
Tenda F456 httpd WriteFacMac FromWriteFacMac command injection
CVSS 6.3
CVE-2026-7096
HIGH
Tenda HG3 formgponConf os command injection
CVSS 8.8
CVE-2026-7067
HIGH
D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection
CVSS 7.3
CVE-2026-7066
HIGH
choieastsea simple-openstack-mcp server.py exec_openstack os command injection
CVSS 7.3
CVE-2026-7064
HIGH
AgentDeskAI browser-tools-mcp browser-connector.ts os command injection
CVSS 7.3
CVE-2026-7062
HIGH
Intina47 context-sync Git Integration git-integration.ts os command injection
CVSS 7.3
CVE-2026-7061
HIGH
Toowiredd chatgpt-mcp-server MCP/HTTP docker.service.ts os command injection
CVSS 7.3
CVE-2026-7058
HIGH
666ghj MiroFish Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injection
CVSS 7.3
Details
Vulnerabilities
3,331
Exploit Likelihood
High