CWE-77: Command Injection

pgAdmin versions up to 8.4 contain a remote code execution vulnerability in the validate binary path API. Attackers can exploit this to execute arbitr...

This CVE describes an OS command injection vulnerability in QNAP Photo Station that allows authenticated users to execute arbitrary commands on the sy...

This CVE describes an OS command injection vulnerability in QuMagie, a photo management application from QNAP. It allows authenticated users to execut...

This CVE describes a remote command injection vulnerability in Totolink N300RH routers. Attackers can execute arbitrary operating system commands by m...

This vulnerability allows low-privileged users on NVIDIA Cumulus Linux and NVOS systems to inject commands through the NVUE interface, potentially lea...

This vulnerability allows remote attackers to execute arbitrary operating system commands on systems running Vaelsys 4.1.0 by exploiting an OS command...

This CVE describes an OS command injection vulnerability in Tosei Online Store Management System 1.01. Attackers can execute arbitrary operating syste...

This vulnerability allows remote attackers to execute arbitrary operating system commands on systems running vulnerable versions of yued-fe LuLu UI. T...

This CVE describes an OS command injection vulnerability in the Great Developers Certificate Generation System that allows remote attackers to execute...

This CVE describes a remote command injection vulnerability in Sangfor Operation and Maintenance Management System. Attackers can execute arbitrary op...

A command injection vulnerability in Aqara Hub devices allows attackers to execute arbitrary commands with root privileges by exploiting malicious dom...

This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows unauthenticated remote attackers to execute arbitra...

This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows unauthenticated remote attackers to execute arbitra...

This CVE describes a remote command injection vulnerability in Wavlink WL-WN578W2 routers. Attackers can execute arbitrary operating system commands b...

This CVE describes a remote command injection vulnerability in D-Link DIR-860L routers via the Simple Service Discovery Protocol (SSDP) service. Attac...

This critical vulnerability in Zend.To allows remote attackers to execute arbitrary operating system commands through command injection in the exec fu...

This critical vulnerability in D-Link DIR-816 routers allows remote attackers to execute arbitrary operating system commands via command injection in ...

This critical vulnerability in Fujian Kelixun 1.0 allows remote attackers to execute arbitrary operating system commands via command injection in the ...

A directory traversal vulnerability in forkosh Mime TeX allows attackers on Windows systems to read or append arbitrary files by manipulating input pa...

This critical vulnerability allows remote attackers to execute arbitrary operating system commands on systems running SourceCodester Web-based Pharmac...

This vulnerability allows remote attackers to execute arbitrary code on Whoogle Search instances by sending specially crafted search queries. It affec...

This vulnerability allows remote attackers to execute arbitrary code on affected Oncord+ Android Infotainment Systems via the ADB (Android Debug Bridg...

This critical vulnerability in Digital China DCME-520 devices allows remote attackers to execute arbitrary operating system commands by manipulating t...

This critical vulnerability allows remote attackers to execute arbitrary operating system commands on BDCOM Behavior Management and Auditing Systems b...

This CVE describes a command injection vulnerability in Mitel OpenScape 4000 and OpenScape 4000 Manager platforms. Unauthenticated attackers can execu...

This critical vulnerability allows remote attackers to execute arbitrary operating system commands on affected DrayTek gateway devices through command...

This vulnerability in Databricks JDBC Driver allows remote code execution via JNDI injection through a crafted JDBC URL containing the krbJAASFile par...

This vulnerability allows attackers to bypass authentication via the diagnostic utility in the Sercomm Router Etisalat Model S3-AC2100 dashboard. It e...

An unauthenticated command injection vulnerability in Fortinet FortiClientEMS allows attackers to execute limited database operations via crafted requ...

This vulnerability allows remote attackers to execute arbitrary commands on Tenda FH1203 routers by injecting malicious commands through the cmdinput ...

This critical vulnerability in Ruijie RG-NBS2009G-P network switches allows remote attackers to execute arbitrary commands via command injection in th...

CVE-2024-25998 allows unauthenticated remote attackers to execute arbitrary commands on OCPP (Open Charge Point Protocol) services due to improper inp...

CVE-2024-21488 is a command injection vulnerability in the network npm package that allows attackers to execute arbitrary operating system commands. T...

The Snowflake Connector for .NET is vulnerable to command injection via SSO URL authentication, allowing remote code execution if an attacker tricks a...

This vulnerability allows authenticated users on certain NETGEAR routers to execute arbitrary commands through command injection. It affects XR450, XR...

This CVE describes a remote command injection vulnerability in the UTT HiPER 520 router's web management interface. Attackers can execute arbitrary op...

This CVE describes a remote command injection vulnerability in Advantech WISE-6610 devices. Attackers can execute arbitrary operating system commands ...

This CVE describes a remote command injection vulnerability in D-Link DCS-931L IP cameras. Attackers can execute arbitrary operating system commands b...

This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary operating system commands by m...

This vulnerability allows remote attackers to execute arbitrary operating system commands on UTT 进取 521G devices through command injection in the ...

This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers that allows remote attackers to execute arbitrary commands on affe...

This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary operating system commands by m...

This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary operating system commands by m...

This CVE describes a remote command injection vulnerability in D-Link DIR-615 routers through the web configuration interface. Attackers can execute a...

This CVE describes an OS command injection vulnerability in D-Link DIR-615 routers affecting the DMZ Host feature. Attackers can execute arbitrary com...

This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary operating system commands by m...

This CVE describes a remote OS command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary commands on affected device...

This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers that allows remote attackers to execute arbitrary commands on affe...

This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers can execute arbitrary operating system commands by m...

This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers. Attackers can remotely execute arbitrary commands by manipulating...