CWE-77
High likelihoodImproper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
3,570 vulnerabilities with CWE-77
CVE-2023-34153
HIGH
ImageMagick < 7.1.1-11 - OS Command Injection via video:vsync or video:pixel-format Options
CVSS 7.8
CVE-2023-26130
HIGH
yhirose/cpp-httplib < 0.12.4 - CRLF Injection
CVSS 7.5
CVE-2023-26129
HIGH
bwm-ng - OS Command Injection in check Function
CVSS 8.4
CVE-2023-26128
HIGH
keep-module-latest - Command Injection
CVSS 8.4
CVE-2023-26127
HIGH
n158 - OS Command Injection via Improper Input Sanitization in module.exports
CVSS 7.8
CVE-2023-31460
HIGH
MiVoice Connect <9.6.2208.101 - Command Injection
CVSS 7.2
CVE-2023-2868
CRITICAL
KEV
Barracuda Email Security Gateway <9.2.0.006 - Command Injection
CVSS 9.4
CVE-2023-31996
HIGH
Hanwha IP Camera ANE-L7012R <1.41.01 - Command Injection
CVSS 8.8
CVE-2023-31741
HIGH
Linksys E2000 1.0.06 - Command Injection
CVSS 7.2
CVE-2023-31740
HIGH
Linksys E2000 <1.0.06 - Command Injection
CVSS 7.2
CVE-2023-31742
HIGH
Linksys WRT54GL 4.30.18.006 - Command Injection
CVSS 7.2
CVE-2023-33294
CRITICAL
KaiOS < 3.1 - Unauthenticated Remote Code Execution via Local Web Server on Port 2929
CVSS 9.8
CVE-2023-33235
HIGH
MXsecurity 1.0 - Authenticated Command Injection via SSH CLI Restricted Shell Bypass
CVSS 7.2
CVE-2023-32700
HIGH
LuaTeX < 1.17.0 - Remote Code Execution via io.popen Access
CVSS 7.8
CVE-2023-31729
CRITICAL
TOTOLINK A3300R <17.0.0cu.557 - Command Injection
CVSS 9.8
CVE-2023-2491
HIGH
Emacs - Remote Code Execution via org-babel-execute:latex Function
CVSS 7.8
CVE-2023-31701
HIGH
TP-Link TL-WPA4530 KIT V2 - Command Injection
CVSS 8.8
CVE-2023-31700
HIGH
TP-Link TL-WPA4530 KIT V2 - Command Injection
CVSS 8.8
CVE-2023-31208
HIGH
Checkmk <2.0.0p36-2.2.0b8 - Command Injection
CVSS 8.3
CVE-2023-31856
CRITICAL
TOTOLINK CP300+ V5.2cu.7594_B20200910 - Command Injection
CVSS 9.8
CVE-2023-31986
CRITICAL
Edimax Wireless Router N300 Firmware BR-6428NS_v4 - Command Injection
CVSS 9.8
CVE-2023-31983
CRITICAL
Edimax Wireless Router N300 Firmware BR-6428NS_v4 - Command Injection
CVSS 9.8
CVE-2023-32073
HIGH
WWBN AVideo < 12.4 - Remote Code Execution via CloneSite Plugin
CVSS 8.8
CVE-2023-2682
MEDIUM
Caton Live <2023-04-26 - Command Injection
CVSS 6.3
CVE-2023-31985
CRITICAL
Edimax Wireless Router N300 Firmware BR-6428NS_v4 - Command Injection
CVSS 9.8
Details
Vulnerabilities
3,570
Exploit Likelihood
High