CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
5,967 vulnerabilities with CWE-78
CVE-2024-8359
MEDIUM
Visteon Infotainment - Command Injection
CVSS 6.8
CVE-2024-8358
MEDIUM
Visteon Infotainment - Command Injection
CVSS 6.8
CVE-2024-8809
HIGH
Cohesive Networks VNS3 - Command Injection
CVSS 8.8
CVE-2024-8808
HIGH
Cohesive Networks VNS3 - Command Injection
CVSS 8.8
CVE-2024-8807
CRITICAL
Cohesive Networks VNS3 - Command Injection
CVSS 9.8
CVE-2024-8806
CRITICAL
Cohesive Networks VNS3 - Command Injection
CVSS 9.8
CVE-2024-6247
MEDIUM
Wyze Cam v3 - Remote Code Execution
CVSS 6.8
CVE-2024-5720
HIGH
Logsign Unified SecOps Platform 6.4.6-6.4.7 - Remote Code Execution via HTTP API Command Injection
CVSS 8.8
CVE-2024-5719
HIGH
Logsign Unified SecOps Platform 6.4.6-6.4.7 - Remote Code Execution via HTTP API Command Injection
CVSS 8.8
CVE-2024-5717
HIGH
Logsign Unified SecOps Platform 6.4.6-6.4.7 - Remote Code Execution via HTTP API Command Injection
CVSS 8.8
CVE-2024-52723
CRITICAL
TOTOLINK X6000R V9.4.0cu.1041_B20240224 - OS Command Injection via Uci_Set Str Function
CVSS 9.8
CVE-2024-48861
HIGH
QNAP QuRouter < 2.4.4.106 - OS Command Injection
CVSS 7.8
CVE-2024-48860
CRITICAL
QuRouter < 2.4.3.103 - OS Command Injection
CVSS 9.8
CVE-2024-38644
HIGH
Notes Station 3 <3.9.7 - Command Injection
CVSS 8.8
CVE-2024-31408
HIGH
AIPHONE IX SYSTEM/IXG SYSTEM - Command Injection
CVSS 8.0
CVE-2024-52803
HIGH
llama-factory < 0.9.1 - OS Command Injection via Popen with shell=True
CVSS 7.5
CVE-2024-29224
CRITICAL
GoCast 1.1.3 - Unauthenticated OS Command Injection via NAT Parameter
CVSS 9.8
CVE-2024-28892
CRITICAL
GoCast 1.1.3 - Unauthenticated OS Command Injection via Name Parameter
CVSS 9.8
CVE-2024-28027
HIGH
MC Technologies MC LR Router 2.10.5 - Authenticated OS Command Injection via timer1 Parameter
CVSS 7.2
CVE-2024-28026
HIGH
MC Technologies MC LR Router 2.10.5 - Authenticated OS Command Injection via out1 Parameter
CVSS 7.2
CVE-2024-28025
HIGH
MC Technologies MC LR Router 2.10.5 - Authenticated OS Command Injection via btn1 Parameter
CVSS 7.2
CVE-2024-21786
HIGH
MC Technologies MC LR Router 2.10.5 - Authenticated OS Command Injection via Web Interface Configuration Upload
CVSS 7.2
CVE-2024-7517
HIGH
Brocade Fabric OS < 9.2.0c and 9.2.1-9.2.1a - Authenticated Command Injection via portcfg
CVSS 7.8
CVE-2024-51151
CRITICAL
D-Link DI-8200 16.07.26A1 - Remote Code Execution via msp_info_htm flag and cmd Parameters
CVSS 9.8
CVE-2024-48895
HIGH
Rakuten Turbo 5G <V1.3.18 - Command Injection
CVSS 8.8
Details
Vulnerabilities
5,967
Exploit Likelihood
High