CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,552 vulnerabilities with CWE-77
CVE-2026-34259
HIGH
OS Command Injection Vulnerability in SAP Forecasting & Replenishment
CVSS 8.2
CVE-2026-8346
MEDIUM
D-Link DIR-816 portForward command injection
CVSS 6.3
CVE-2026-8345
MEDIUM
D-Link DIR-816 singlePortForward sub_445E7C command injection
CVSS 6.3
CVE-2026-8344
MEDIUM
D-Link DIR-816 formDMZ.cgi sub_445E7C command injection
CVSS 6.3
CVE-2026-36734
HIGH
EDIMAX BR-6428nS V3 1.15 - Command Injection
CVSS 8.8
CVE-2026-36983
HIGH
D-Link DCS-932L v2.18.01 - Command Injection
CVSS 7.3
CVE-2026-8273
MEDIUM
D-Link DNS-320 system_mgr.cgi cgi_merge_user os command injection
CVSS 4.7
CVE-2026-8272
MEDIUM
D-Link DNS-320 webfile_mgr.cgi chown os command injection
CVSS 4.7
CVE-2026-8271
MEDIUM
D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command injection
CVSS 4.7
CVE-2026-8265
MEDIUM
Tenda AC6 httpd getLogFile get_log_file os command injection
CVSS 4.7
CVE-2026-8264
MEDIUM
Tenda AC6 httpd WifiApScan formWifiApScan os command injection
CVSS 6.3
CVE-2026-8263
MEDIUM
Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection
CVSS 4.7
CVE-2026-8259
MEDIUM
Tenda AC6 httpd telnet os command injection
CVSS 4.7
CVE-2026-8235
MEDIUM
8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection
CVSS 5.5
CVE-2026-8230
MEDIUM
Wavlink NU516U1 login.cgi sys_login1 os command injection
CVSS 6.3
CVE-2026-8229
MEDIUM
Wavlink NU516U1 wireless.cgi WifiBasic os command injection
CVSS 6.3
CVE-2026-8228
MEDIUM
Wavlink NU516U1 wireless.cgi advance os command injection
CVSS 6.3
CVE-2026-8227
MEDIUM
Wavlink NU516U1 adm.cgi wzdapMesh os command injection
CVSS 6.3
CVE-2026-8217
MEDIUM
Industrial Application Software IAS Canias ERP RMI Runtime.getRuntime.exec os command injection
CVSS 6.3
CVE-2026-8210
MEDIUM
aandrew-me tgpt Update helper.go helper.Update command injection
CVSS 5.3
CVE-2026-42258
CRITICAL
net-imap: Command Injection via unvalidated Symbol inputs
CVSS 9.8
CVE-2026-42257
CRITICAL
net-imap: Command Injection via "raw" arguments to multiple commands
CVSS 9.8
CVE-2026-8192
MEDIUM
Wavlink NU516U1 adm.cgi wzdap os command injection
CVSS 6.3
CVE-2026-8191
MEDIUM
Wavlink NU516U1 adm.cgi wifi_region os command injection
CVSS 6.3
CVE-2026-8190
MEDIUM
Wavlink NU516U1 adm.cgi wan os command injection
CVSS 6.3
Details
Vulnerabilities
3,552
Exploit Likelihood
High