CWE-77: Command Injection

This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...

This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...

This CVE describes a command injection vulnerability in Ruijie Networks RG-EW1200 wireless routers that allows attackers to execute arbitrary commands...

This critical vulnerability in TOTOLink CP900 outdoor CPE devices allows attackers to execute arbitrary commands via command injection in the mtd_writ...

This CVE describes a command injection vulnerability in TP-Link MR3020 routers that allows remote attackers to execute arbitrary commands via crafted ...

CVE-2023-27224 is a command injection vulnerability in Nginx Proxy Manager v2.9.19 that allows attackers to execute arbitrary code via malicious Lua s...

CVE-2023-22747 allows unauthenticated attackers to execute arbitrary commands on Aruba access points by sending malicious packets to UDP port 8211. Th...

CVE-2023-22749 allows unauthenticated attackers to execute arbitrary commands on Aruba access points by sending malicious packets to the PAPI UDP port...

This is a critical command injection vulnerability in Huawei BiSheng-WNM firmware that allows attackers to execute arbitrary system commands on affect...

This vulnerability allows remote attackers to execute arbitrary commands on affected Tenda products via command injection. It affects multiple Tenda c...

This vulnerability in ASUS ASMB8 iKVM firmware allows remote attackers to execute arbitrary code via SNMP commands that create malicious extensions. A...

CVE-2023-25805 is a command injection vulnerability in versionn software that allows attackers to execute arbitrary commands on the system. All users ...

This CVE describes a command injection vulnerability in QVidium Technologies Amino A140 devices running firmware versions prior to 1.0.0-283. Attacker...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink A7100RU routers by injecting malicious commands into the province...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the admpas...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands through the web...

CVE-2022-40022 is a critical command injection vulnerability in Microchip Technology SyncServer S650 network time servers that allows unauthenticated ...

CVE-2021-31573 is a command injection vulnerability in MediaTek Config Manager that allows remote attackers to execute arbitrary commands without auth...

CVE-2021-31575 is a command injection vulnerability in MediaTek's Config Manager that allows remote attackers to execute arbitrary commands without au...

CVE-2023-23333 is a critical command injection vulnerability in SolarView Compact versions up to 6.00 that allows remote attackers to execute arbitrar...

This critical vulnerability in TOTOLINK T8 routers allows remote attackers to execute arbitrary commands by sending specially crafted MQTT packets to ...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK T8 routers via command injection in the slaveIpList parameter of ...

This critical vulnerability in TOTOLINK T8 routers allows remote attackers to execute arbitrary commands by sending specially crafted MQTT packets to ...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the FileNa...

This CVE describes a command injection vulnerability in TOTOLINK T8 routers that allows attackers to execute arbitrary commands via crafted MQTT packe...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the NetDia...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the hour p...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the minute...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers via command injection in the NTPSyncWithHost fu...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious input into the NetDiagPi...

CVE-2016-4991 is a command injection vulnerability in nodepdf's PDF rendering function. Attackers can inject shell commands through specially crafted ...

CVE-2020-28438 is a command injection vulnerability in the deferred-exec npm package that allows attackers to execute arbitrary commands on the host s...

CVE-2020-28443 is a command injection vulnerability in the sonar-wrapper npm package that allows attackers to execute arbitrary commands on the host s...

CVE-2020-28446 is a command injection vulnerability in the ntesseract npm package that allows attackers to execute arbitrary commands on the host syst...

CVE-2022-2143 is a critical command injection vulnerability in Advantech iView NetworkServlet that allows remote attackers to execute arbitrary code o...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK EX300_V2 routers by sending specially crafted MQTT packets contai...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink WL-WN575A3 routers via a crafted POST request to the obtw function...

This vulnerability allows remote attackers to execute arbitrary commands on ASUS RT-N53 routers by injecting malicious commands into the SystemCmd par...

CVE-2022-29712 allows remote attackers to execute arbitrary commands on LibreNMS servers through command injection vulnerabilities in service_ip, host...

This CVE-2022-28618 is a critical command injection vulnerability in HPE Nimble Storage arrays that allows attackers to execute arbitrary commands on ...

CVE-2022-27588 is a critical command injection vulnerability in QNAP QVR software that allows attackers to execute arbitrary commands on affected syst...

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Ruijie Networks RG-EW series routers via the checkNet function...

CVE-2021-23247 is a command injection vulnerability in the Quick Game Engine that allows remote attackers to execute arbitrary code on affected system...

CVE-2022-27076 is a command injection vulnerability in Tenda M3 routers that allows attackers to execute arbitrary commands on the device. This affect...

This CVE describes a command injection vulnerability in Tenda M3 routers that allows attackers to execute arbitrary commands on the device. The vulner...

CVE-2022-27080 is a command injection vulnerability in Tenda M3 routers that allows attackers to execute arbitrary commands on the device. This affect...

CVE-2022-27082 is a command injection vulnerability in Tenda M3 routers that allows attackers to execute arbitrary commands on the device. This affect...

CVE-2022-26186 is a command injection vulnerability in TOTOLINK N600R routers that allows attackers to execute arbitrary commands on the device via th...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK N600R routers via the NTPSyncWithHost setting. Attackers can gain...

CVE-2021-45876 allows unauthenticated attackers to execute arbitrary commands on GARO Wallbox charging stations by injecting malicious code into the f...