CWE-77: Command Injection

This vulnerability in idocv v.14.1.3_20231228 allows remote attackers to execute arbitrary code and access sensitive information through crafted scrip...

This vulnerability allows unauthenticated remote attackers to execute arbitrary commands with root privileges on Emerson gas chromatograph devices. Af...

This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-816A2 routers via a command injection flaw in the wizardstep4_ssid_...

CVE-2024-23745 is a Dirty NIB attack vulnerability in Notion Web Clipper 1.0.3(7) where manipulated .nib files can execute arbitrary commands. Even wi...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers through the sub_415C80 function. Attackers can gai...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via the sub_41284C function. Attackers can gain fu...

CVE-2023-51887 is a critical command injection vulnerability in Mathtex v1.05 and earlier that allows remote attackers to execute arbitrary commands o...

A command injection vulnerability in the ssdpcgi_main function of the cgibin binary in D-Link DIR-815 router firmware allows remote attackers to execu...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink A3700R routers via the NTPSyncWithHost function. Attackers can ga...

This CVE describes a command injection vulnerability in FLIR AX8 thermal cameras that allows attackers to execute arbitrary commands on the device via...

This vulnerability allows remote attackers to execute arbitrary Bash commands with root privileges on Cassia Gateway devices by exploiting unsanitized...

CVE-2023-51707 is a critical command injection vulnerability in Array Networks' MotionPro VPN client on AG and vxAG appliances. It allows remote attac...

This vulnerability allows remote attackers to execute arbitrary commands on Tenda i29 routers through the pingSet function. Attackers can gain full co...

This CVE describes a command injection vulnerability in Tenda i29 routers that allows attackers to execute arbitrary commands on the device. The vulne...

This vulnerability allows authenticated attackers to execute arbitrary commands on NETGEAR WNR2000v4 routers via HTTP SOAP authentication. Attackers w...

The flash_tool gem for Ruby versions through 0.6.0 contains a command injection vulnerability that allows attackers to execute arbitrary commands on t...

This CVE describes a command injection vulnerability in Tenda AX9 routers that allows attackers to execute arbitrary commands on the device. The vulne...

Tenda AX9 routers running firmware version V22.03.01.46 contain a command injection vulnerability in the SetNetControlList function. This allows attac...

This CVE describes a command injection vulnerability in Tenda AX12 routers where an attacker can execute arbitrary commands via the 'mac' parameter in...

This vulnerability allows remote command execution on TOTOLINK X6000R routers by exploiting improper input validation in the shttpd component. Attacke...

This CVE describes a command injection vulnerability in D-Link Go-RT-AC750 routers that allows attackers to execute arbitrary commands via the service...

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK X6000R routers by exploiting improper input validation in the setDiag...

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK X6000R routers via the command parameter in the setting/setTraceroute...

This vulnerability allows remote attackers to execute arbitrary code on Tenda AX1803 routers by sending specially crafted requests to the adslPwd para...

CVE-2023-49210 is a critical command injection vulnerability in the malicious 'openssl' NPM package (also called node-openssl) that allows attackers t...

This vulnerability allows remote attackers to execute arbitrary PHP code on Qualitor systems through improper input validation in the gridValoresPopHi...

This vulnerability allows remote attackers to execute arbitrary code on TOTOlink X6000R routers via the setLedCfg function. Attackers can gain full co...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by exploiting improper input validation in the set...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by injecting malicious commands into the file_name...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via command injection in the setLedCfg function. A...

CVE-2023-45498 is a command injection vulnerability in VinChin Backup & Recovery software that allows attackers to execute arbitrary commands on affec...

This CVE describes a command execution vulnerability in TOTOLINK X6000R routers that allows attackers to execute arbitrary commands on the device. The...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via the sub_415258 function. It affects users runn...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via the sub_4155DC function. Attackers can gain fu...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via the sub_41E588 function. Attackers can gain fu...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers without authentication via a specific function. It...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via a specific function. Attackers can gain full c...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via a specific function (sub_411D00). Attackers ca...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers via the sub_417094 function. Attackers can gain fu...

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3700R routers by exploiting the FileName parameter in the UploadFirm...

CVE-2023-36953 is a command injection vulnerability in TOTOLINK CP300+ routers that allows attackers to execute arbitrary commands on affected devices...

This vulnerability allows unauthenticated attackers to bypass authentication and execute arbitrary commands on Vitogate 300 devices by injecting shell...

This vulnerability allows remote attackers to execute arbitrary commands on Netis N3Mv2 routers by injecting malicious code into the ddnsDomainName pa...

CVE-2023-43891 is a command injection vulnerability in Netis N3Mv2 routers that allows attackers to execute arbitrary commands on the device by sendin...

This CVE describes a critical command injection vulnerability in D-LINK DWL-6610 access points running firmware version 4.3.0.8B003C. Attackers can ex...

CVE-2023-43204 is a critical command injection vulnerability in D-LINK DWL-6610 access points that allows attackers to execute arbitrary operating sys...

This CVE describes a command injection vulnerability in D-LINK DWL-6610 access points that allows attackers to execute arbitrary commands via the conf...

This is an unauthenticated remote command execution vulnerability in FUXA SCADA/HMI software that allows attackers to execute arbitrary commands on af...

This CVE describes a command injection vulnerability in D-LINK DIR-859 routers that allows remote attackers to execute arbitrary commands on the devic...

This vulnerability allows remote attackers to execute arbitrary commands on China Mobile HG6543C4 home gateways via the shortcut_telnet.cg component. ...