CWE-77— Command Injection
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.— MITRE CWE catalog
3,877 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-77page 14 of 78
- CVE-2021-26311HIGHCVSS 7.2EG 7.22021-05-13
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the g…
- CVE-2021-26321MEDIUMCVSS 5.5EG 5.52021-11-16
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.
- CVE-2021-26384HIGHCVSS 7.8EG 7.82022-07-14
A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potent…
- CVE-2021-26422HIGHCVSS 7.2EG 7.22021-05-11
Skype for Business and Lync Remote Code Execution Vulnerability
- CVE-2021-26576HIGHCVSS 7.8EG 7.82021-02-08
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function.
- CVE-2021-26679HIGHCVSS 7.2EG 7.22021-02-23
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authen…
- CVE-2021-26680HIGHCVSS 7.2EG 7.22021-02-23
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authen…
- CVE-2021-26681HIGHCVSS 7.2EG 7.22021-02-23
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run a…
- CVE-2021-26683HIGHCVSS 7.2EG 7.22021-02-23
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authen…
- CVE-2021-26684HIGHCVSS 7.2EG 7.22021-02-23
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authen…
- CVE-2021-26727CRITICALCVSS 10.0EG 9.82022-10-24
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue …
- CVE-2021-26728CRITICALCVSS 10.0EG 9.82022-10-24
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner…
- CVE-2021-26729CRITICALCVSS 10.0EG 9.82022-10-24
Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue af…
- CVE-2021-26731CRITICALCVSS 9.1EG 9.82022-10-24
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). T…
- CVE-2021-26962HIGHCVSS 7.2EG 7.22021-03-05
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary …
- CVE-2021-26970MEDIUMCVSS 6.3EG 6.32021-03-05
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticat…
- CVE-2021-27185CRITICALCVSS 9.8EG 9.82021-02-10
The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec.
- CVE-2021-27221HIGHCVSS 8.1EG 8.12021-03-19
MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work
- CVE-2021-27447CRITICALCVSS 10.0EG 10.02021-12-21
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-27449CRITICALCVSS 9.9EG 9.92021-12-21
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
- CVE-2021-27561CRITICALCVSS 9.8EG 9.8⚠ KEV2021-10-15
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
- CVE-2021-27702HIGHCVSS 7.3EG 7.32024-11-12
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard.
- CVE-2021-27886CRITICALCVSS 9.8EG 9.82021-03-02
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.
- CVE-2021-27944CRITICALCVSS 9.8EG 9.82021-08-26
Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do not enforce access controls, allowing an unauthenticated threat actor to access privileged functionality, leading to OS command execution. The…
- CVE-2021-28143HIGHCVSS 8.0EG 8.02021-03-11
/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools).
- CVE-2021-28144HIGHCVSS 8.8EG 8.82021-03-11
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely.
- CVE-2021-28242HIGHCVSS 8.8EG 8.82021-04-15
SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collecti…
- CVE-2021-28275MEDIUMCVSS 5.5EG 5.52022-03-23
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
- CVE-2021-28455HIGHCVSS 8.8EG 8.82021-05-11
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
- CVE-2021-28465HIGHCVSS 7.8EG 7.82021-05-11
Web Media Extensions Remote Code Execution Vulnerability
- CVE-2021-28474HIGHCVSS 8.8EG 8.82021-05-11
Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2021-28704HIGHCVSS 8.8EG 8.82021-11-24
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to p…
- CVE-2021-28707HIGHCVSS 8.8EG 8.82021-11-24
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to p…
- CVE-2021-28708HIGHCVSS 8.8EG 8.82021-11-24
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to p…
- CVE-2021-28811HIGHCVSS 7.2EG 7.22021-06-08
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later
- CVE-2021-28812HIGHCVSS 8.8EG 8.82021-06-03
A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station ve…
- CVE-2021-28927HIGHCVSS 7.8EG 7.82021-04-07
The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems tha…
- CVE-2021-28960CRITICALCVSS 9.8EG 9.82021-09-21
Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations.
- CVE-2021-28961HIGHCVSS 8.8EG 8.82021-03-21
applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.
- CVE-2021-28962HIGHCVSS 7.2EG 7.22022-01-31
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.
- CVE-2021-29069HIGHCVSS 7.3EG 7.32021-03-23
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76.
- CVE-2021-29070HIGHCVSS 8.4EG 8.42021-03-23
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- CVE-2021-29071CRITICALCVSS 9.6EG 9.62021-03-23
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2…
- CVE-2021-29072HIGHCVSS 8.4EG 8.42021-03-23
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- CVE-2021-29076CRITICALCVSS 9.6EG 9.62021-03-23
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- CVE-2021-29077CRITICALCVSS 9.6EG 9.62021-03-23
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.…
- CVE-2021-29078CRITICALCVSS 9.6EG 9.62021-03-23
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 befo…
- CVE-2021-29079CRITICALCVSS 9.6EG 9.62021-03-23
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- CVE-2021-29143HIGHCVSS 7.2EG 7.22021-07-22
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba …
- CVE-2021-29154HIGHCVSS 7.8EG 7.82021-04-08
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_…
Map vulnerabilities like CWE-77 to your infrastructure
EchelonGraph correlates every CVE — across CWE-77 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →