CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
5,978 vulnerabilities with CWE-78
CVE-2023-44423
HIGH
D-Link DIR-X3260 < 1.04b01 Authenticated RCE via PPPoE Password Injection
CVSS 8.0
CVE-2023-44422
HIGH
D-Link DIR-X3260 Firmware < 1.04b01 - Authenticated Remote Code Execution via SetSysEmailSettings EmailFrom Parameter
CVSS 8.0
CVE-2023-44421
HIGH
D-Link DIR-X3260 < 1.04b01 Authenticated RCE via PPPoE Username Injection
CVSS 8.0
CVE-2023-44416
MEDIUM
D-Link DAP-2622 Firmware - Authenticated OS Command Injection via Telnet CLI
CVSS 6.8
CVE-2023-44415
HIGH
D-Link DIR-1260 and DIR-2150 Firmware - Authenticated OS Command Injection via CLI Service
CVSS 8.0
CVE-2023-44403
HIGH
D-Link DAP-1325 < 1.09b03 - Unauthenticated RCE via HNAP SetWLanRadioSettings
CVSS 8.8
CVE-2023-42128
HIGH
Magnet Forensics AXIOM - Remote Code Execution via Android Device Image Acquisition
CVSS 8.0
CVE-2023-42123
HIGH
Control Web Panel - Authenticated Remote Code Execution via mysql_manager Module
CVSS 8.8
CVE-2023-42122
HIGH
Control Web Panel - Local Privilege Escalation via wloggui Command Injection
CVSS 7.8
CVE-2023-42120
HIGH
Control Web Panel - Authenticated Remote Code Execution via DNS Zone Editor Command Injection
CVSS 8.8
CVE-2023-41201
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41200
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41199
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41198
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41197
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41196
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41195
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41194
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41193
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41192
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41191
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41190
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41189
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-41188
HIGH
D-Link DAP-1325 - Command Injection
CVSS 8.8
CVE-2023-40505
CRITICAL
LG Simple Editor - Command Injection
CVSS 9.8
Details
Vulnerabilities
5,978
Exploit Likelihood
High