Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-88

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

359 vulnerabilities with CWE-88

CVE-2025-35010 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 - Authenticated Command Injection via AT+MNPINGTM

CVE-2025-35009 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware - Authenticated Command Injection via AT+MNNETSP

CVE-2025-35008 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware < 1.2.0-r1132 - Authenticated Command Injection via AT+MMNAME

CVE-2025-35007 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware - Authenticated Command Injection via AT+MFRULE

CVE-2025-35006 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware - Authenticated Command Injection via AT+MFPORTFWD

CVE-2025-35005 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware - Authenticated Command Injection via AT+MFMAC

CVE-2025-35004 HIGH

Microhard BulletLTE-NA2 and IPn4Gii-NA2 Firmware < 1.2.0-r1132 - Authenticated Command Injection via AT+MFIP

CVE-2025-32459 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via router_command.sh sync_time Argument

CVE-2025-32458 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via router_command.sh get_syslog_from_qtn Argument

CVE-2025-32457 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via router_command.sh get_file_from_qtn Argument

CVE-2025-32456 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via router_command.sh put_file_to_qtn Argument

CVE-2025-32455 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via router_command.sh run_cmd Argument

CVE-2025-49008 CRITICAL

Atheos < 6.0.4 - OS Command Injection via Execute.php Argument Injection

CVE-2025-3945 HIGH

Tridium Niagara <4.14.2-4.15.1-4.10.11 - Command Injection

CVE-2025-1712 HIGH

Checkmk <2.4.0p1,<2.3.0p32,<2.2.0p42,2.1.0 - Command Injection

CVE-2025-31499 HIGH

jellyfin < 10.10.7 - Authenticated Argument Injection in FFmpeg via Stream Endpoints

CVE-2025-32931 CRITICAL

DevDojo Voyager <1.8.0 - Command Injection

CVE-2025-29768 MEDIUM

Vim < 9.1.1198 - Data Loss via Crafted Zip File in zip.vim

CVE-2025-27146 LOW

matrix-appservice-irc <3.0.3 - Command Injection

CVE-2025-24845 MEDIUM

Defense Platform Home Edition <3.9.51.x - Command Injection

CVE-2025-0065 HIGH

TeamViewer <15.62 - Privilege Escalation

CVE-2025-23073 LOW

Wikimedia Foundation Mediawiki - GlobalBlocking Extension - Info Di...

CVE-2025-21613 CRITICAL

go-git < 5.13.0 - Argument Injection via File Transport Protocol

CVE-2024-58275 HIGH

Easywall 0.3.1 - Authenticated Remote Command Execution via Ports-Save Endpoint

CVE-2024-47516 CRITICAL

Pagure Repository History - Git Argument Injection Code Execution

Previous Page 5 of 15 Next

Details

Vulnerabilities 359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy