CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,567 vulnerabilities with CWE-77
CVE-2025-25743
HIGH
D-Link DIR-853 A1 FW1.20B07 - OS Command Injection in SetVirtualServerSettings
CVSS 7.2
CVE-2025-23094
HIGH
Mitel OpenScape 4000 - Command Injection
CVSS 7.3
CVE-2025-23239
HIGH
F5 BIG-IP - Authenticated Remote Command Injection via iControl REST Endpoint
CVSS 8.7
CVE-2025-20184
MEDIUM
Cisco AsyncOS Software - Command Injection
CVSS 6.5
CVE-2025-0798
HIGH
MicroWorld eScan Antivirus 7.0.32 - Command Injection
CVSS 8.1
CVE-2025-24150
HIGH
Safari < 18.3 - Command Injection via Web Inspector URL Copy
CVSS 8.8
CVE-2025-23196
HIGH
Apache Ambari < 2.7.9 - Authenticated Remote Code Execution via Alert Script Filename
CVSS 8.8
CVE-2025-0528
HIGH
Tenda AC8,AC10,AC18 16.03.10.20 - Command Injection
CVSS 7.2
CVE-2025-22912
CRITICAL
Edimax RE11S v1.11 - OS Command Injection via formAccept Component
CVSS 9.8
CVE-2025-23052
HIGH
Network Management Service - Command Injection
CVSS 7.2
CVE-2025-0396
HIGH
exelban stats <2.11.21 - Command Injection
CVSS 7.8
CVE-2025-22949
CRITICAL
Tenda AC9 Firmware 15.03.05.19 - OS Command Injection via SetSambaCfg Endpoint
CVSS 9.8
CVE-2025-0328
HIGH
KaiYuanTong ECT Platform <2.0.0 - Command Injection
CVSS 7.3
CVE-2024-24909
HIGH
Dell OpenManage < 3.2 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVSS 8.8
CVE-2024-52011
HIGH
launch-editor < 2.9.0 - OS Command Injection via File Argument
CVE-2024-45257
HIGH
BYOB 2.0 - Unauthenticated Remote Command Execution via Payload Build Parameter
CVSS 7.3
CVE-2024-30167
MEDIUM
Atlona ATOMERX21 - Authenticated Command Injection
CVSS 6.3
CVE-2024-53412
HIGH
NietThijmen ShoppingCart 0.0.2 - Command Injection
CVSS 8.4
CVE-2024-43028
CRITICAL
jeecg boot 3.0.0-3.5.3 - Command Injection
CVSS 9.8
CVE-2024-46062
HIGH
Miniconda3 < 23.11.0-1 - Local Privilege Escalation via World-Writable Installer Files
CVSS 7.8
CVE-2024-46060
HIGH
Anaconda3 < 2024.06-1 - Local Privilege Escalation via World-Writable Installer Files
CVSS 7.8
CVE-2024-56837
HIGH
RUGGEDCOM ROX -<V2.17.0 - Path Traversal
CVSS 7.2
CVE-2024-56836
HIGH
RUGGEDCOM ROX -<V2.17.0 - Path Traversal
CVSS 7.5
CVE-2024-57695
HIGH
Agnitum Outpost Security Suite 7.5.3-7.6 - Local Command Injection via Lock Function
CVSS 7.7
CVE-2024-51317
MEDIUM
NetSurf 3.11 - Remote Code Execution via DOM Node Normalize Function
CVSS 6.5
Details
Vulnerabilities
3,567
Exploit Likelihood
High