CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
5,966 vulnerabilities with CWE-78
CVE-2025-15101
HIGH
ASUS Router - Authenticated OS Command Injection via Web Management Interface
CVSS 8.8
CVE-2025-11571
LOW
Silicon Labs Simplicity Studio v5 < 5.11.2.1 - Same-Network Command Execution
CVE-2025-15519
HIGH
Command Injection in Modem Management CLI on TP-Link Archer NX200, NX210, NX500 and NX600
CVSS 7.2
CVE-2025-15518
HIGH
Command Injection in Wireless Control CLI on TP-Link Archer NX200, NX210, NX500 and NX600
CVSS 7.2
CVE-2025-63261
HIGH
AWStats 8.0 - OS Command Injection via Open Function
CVSS 7.8
CVE-2025-15060
CRITICAL
claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability
CVSS 9.8
CVE-2025-70082
CRITICAL
Lantronix EDS3000PS 3.1.0.0R2 - Code Injection
CVSS 9.8
CVE-2025-67041
CRITICAL
Lantronix EDS3000PS 3.1.0.0R2 - Command Injection
CVSS 9.8
CVE-2025-66178
HIGH
Fortinet FortiWeb - Command Injection
CVSS 7.2
CVE-2025-41709
CRITICAL
Janitza UMG 96RM-E and Weidmueller ENERGY METER 750 < 3.13 - Unauthenticated OS Command Injection via Modbus-TCP/RTU
CVSS 9.8
CVE-2025-70039
CRITICAL
Linagora Twake 2023.Q1.1223 - Command Injection
CVSS 9.8
CVE-2025-15568
HIGH
Archer AXE75 v1.6/v1.0 - Command Injection
CVSS 8.0
CVE-2025-59783
HIGH
2N Access Commander 3.4.1 - Command Injection
CVSS 7.2
CVE-2025-13688
MEDIUM
IBM DataStage 5.1.2-5.3.0 - Command Injection
CVSS 6.3
CVE-2025-13687
MEDIUM
IBM DataStage 5.1.2-5.3.0 - Command Injection
CVSS 6.3
CVE-2025-13686
MEDIUM
IBM DataStage 5.1.2-5.3.0 - Command Injection
CVSS 6.3
CVE-2025-67840
HIGH
Cohesity TranZman 4.0-SEP2025 - Command Injection
CVSS 7.2
CVE-2025-63911
HIGH
Cohesity TranZman 4.0 Build 14614 - Command Injection
CVSS 7.2
CVE-2025-50197
HIGH
Chamilo <1.11.30 - Command Injection
CVSS 7.2
CVE-2025-50196
HIGH
Chamilo <1.11.30 - Command Injection
CVSS 7.2
CVE-2025-50195
HIGH
Chamilo <1.11.30 - Command Injection
CVSS 7.2
CVE-2025-50194
HIGH
Chamilo <1.11.30 - Command Injection
CVSS 7.2
CVE-2025-50193
HIGH
Chamilo <1.11.30 - Command Injection
CVSS 7.2
CVE-2025-30044
CRITICAL
CGM CliniNET - OS Command Injection via usrlogstat_simple.pl Parameter
CVE-2025-13943
HIGH
Zyxel EX3301-T0 <5.50(ABVY.7)C0 - Command Injection
CVSS 8.8
Details
Vulnerabilities
5,966
Exploit Likelihood
High