CWE-77: Command Injection

CVE-2020-19001 is a command injection vulnerability in Simiki v1.6.2.1 and earlier that allows remote attackers to execute arbitrary system commands v...

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-816 routers through command injection in the web interface. Att...

This CVE describes a command injection vulnerability in NASCENT RemKon Device Manager 4.0.0.0 that allows attackers to execute arbitrary commands with...

This vulnerability in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute arbitrary code on affected programmable logic con...

This vulnerability in the lettre Rust crate allows attackers to inject arbitrary SMTP commands into email message bodies. By placing a period characte...

CVE-2021-38173 is a command injection vulnerability in Btrbk's SSH filtering script that allows authenticated remote users to execute arbitrary comman...

This vulnerability allows remote attackers to execute arbitrary commands on ProLink PRC2402M routers by injecting malicious commands into the led_cmd ...

This is a critical command injection vulnerability in QSAN XEVO and SANOS storage systems that allows remote unauthenticated attackers to execute arbi...

CVE-2019-25029 is a command injection vulnerability in Versa Director that allows attackers to execute arbitrary operating system commands with applic...

CVE-2020-28908 is a command injection vulnerability in Nagios Fusion 4.1.8 and earlier that allows attackers to execute arbitrary commands with elevat...

CVE-2020-28901 is a command injection vulnerability in Nagios Fusion that allows attackers to execute arbitrary commands with root privileges. The vul...

This vulnerability allows remote attackers to execute arbitrary commands on Pluck CMS servers through file upload functionality in the admin panel. It...

This CVE describes a command injection vulnerability in China Mobile An Lianbao WF-1 routers. Attackers can execute arbitrary commands on the device b...

CVE-2021-31726 is a remote command injection vulnerability in Akuvox C315 devices that allows attackers to execute arbitrary commands via the cfgd_ser...

This is a critical command injection vulnerability (CWE-77) in QNAP QTS and QuTS hero operating systems that allows attackers to execute arbitrary com...

CVE-2020-27227 is an unauthenticated command injection vulnerability in OpenClinic GA that allows remote attackers to execute arbitrary commands on th...

The eslint-fixer package for Node.js contains a command injection vulnerability that allows attackers to execute arbitrary commands on the host system...

CVE-2020-8298 is a command injection vulnerability in the fs-path Node.js module that allows attackers to execute arbitrary commands on the host syste...

CVE-2021-27185 is a command injection vulnerability in the samba-client Node.js package that allows attackers to execute arbitrary commands on the hos...

This is a critical command injection vulnerability in QNAP Helpdesk software that allows remote attackers to execute arbitrary commands on affected sy...

This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on Barco TransForm N network devices by injecting malicious c...

CVE-2020-24634 is a critical command injection vulnerability in Aruba networking devices that allows remote attackers to execute arbitrary commands by...

CVE-2019-7198 is a command injection vulnerability in QNAP NAS devices that allows attackers to execute arbitrary commands on affected systems. This a...

CVE-2019-19874 is a command injection vulnerability in B&R Industrial Automation APROL web interface that allows attackers to execute arbitrary comman...

CVE-2019-19872 is a command injection vulnerability in B&R Industrial Automation APROL's AprolLoader component that allows attackers to execute arbitr...

This CVE describes a command injection vulnerability in Moxa VPort 461 Series Industrial Video Servers that allows remote attackers to execute arbitra...

This is a critical command injection vulnerability in QNAP Music Station that allows remote attackers to execute arbitrary commands on affected system...

CVE-2020-11698 is a critical command injection vulnerability in SpamTitan's SNMP configuration page that allows remote attackers to execute arbitrary ...

This CVE describes an SQL injection vulnerability in Citrix XenMobile Server that allows attackers to execute arbitrary SQL commands. Affected organiz...

A command injection vulnerability in the devcert module allows attackers to execute arbitrary commands on affected systems when untrusted input is pas...

This vulnerability allows remote command execution as root on Coolify instances when users create applications from malicious repositories using the d...

CVE-2025-67511 is a command injection vulnerability in Cybersecurity AI (CAI) framework versions 0.5.9 and below. Attackers can inject malicious comma...

This critical vulnerability in ActADUR local server allows attackers to execute arbitrary commands on affected systems through multiple weaknesses inc...

ECOVACS robot lawnmowers and vacuums are vulnerable to unauthenticated command injection via Bluetooth Low Energy (BLE) connections. Attackers within ...

An unauthenticated command injection vulnerability in the gena.cgi module of D-Link DAP-1650 devices allows remote attackers to execute arbitrary comm...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems. It affects multiple NETGEAR Orbi m...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems through command injection. It affec...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems. It affects multiple NETGEAR router...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems. It affects multiple NETGEAR Orbi a...

CVE-2021-45621 is a critical command injection vulnerability affecting multiple NETGEAR routers, extenders, and WiFi systems. Unauthenticated attacker...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR routers via command injection. It affects multip...

CVE-2021-45613 is a critical command injection vulnerability affecting multiple NETGEAR routers and WiFi systems. Unauthenticated attackers can execut...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR routers and WiFi systems through command injecti...

This CVE allows unauthenticated remote attackers to execute arbitrary commands on affected NETGEAR devices via command injection. It impacts numerous ...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on NETGEAR XR1000 routers. Attackers can gain full control of affect...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR Orbi WiFi systems. It affects multiple RBK, RBR,...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR devices via command injection. It affects multip...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems. It affects multiple Orbi mesh WiFi...

This vulnerability allows authenticated users to execute arbitrary commands on affected NETGEAR WiFi systems through command injection. It affects mul...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR WiFi systems. It affects RBK852, RBK853, RBK854,...