CWE-77— Command Injection
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.— MITRE CWE catalog
3,886 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-77page 50 of 78
- CVE-2024-53700HIGHCVSS 7.2EG 7.22025-03-07
A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability …
- CVE-2024-53899HIGHCVSS 7.8EG 7.82024-11-24
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.
- CVE-2024-53919HIGHCVSS 7.6EG 7.62024-12-10
An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or local admins to the webUI to trigger OS-level command executi…
- CVE-2024-53945HIGHCVSS 8.8EG 8.82025-08-14
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell met…
- CVE-2024-54006HIGHCVSS 7.2EG 7.22025-01-07
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of a…
- CVE-2024-54007HIGHCVSS 7.2EG 7.22025-01-07
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of a…
- CVE-2024-5461HIGHCVSS 8.0EG 8.02025-02-15
Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 (FC5022) embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform …
- CVE-2024-54660HIGHCVSS 8.7EG 8.72025-01-16
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC Connector for Impala before 2.6.35. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process …
- CVE-2024-54681LOWCVSS 3.5EG 3.52025-01-17
Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full access to the mobile platform to compromise the translations for the application.
- CVE-2024-54794CRITICALCVSS 9.1EG 9.12025-01-21
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution.
- CVE-2024-54802CRITICALCVSS 9.8EG 9.82025-03-31
In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header.
- CVE-2024-55030CRITICALCVSS 9.8EG 9.82025-03-25
A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows attackers to execute arbitrary commands.
- CVE-2024-55062CRITICALCVSS 9.8EG 9.82025-01-31
Code Injection vulnerability in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary code to /api/license/sendlicense/.
- CVE-2024-55063HIGHCVSS 8.8EG 8.82025-05-19
Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote authenticated attackers to execute arbitrary code via the (1) lang parameter to /international/keyboard/options; the (2) keyboard_layout or (3) keyboard…
- CVE-2024-55414CRITICALCVSS 9.8EG 9.82025-01-07
A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be exploited for privilege escalation, …
- CVE-2024-55461CRITICALCVSS 9.8EG 9.82024-12-18
SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext().
- CVE-2024-55466MEDIUMCVSS 6.5EG 6.52025-05-12
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
- CVE-2024-55544HIGHCVSS 8.8EG 8.82024-12-10
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.
- CVE-2024-55547CRITICALCVSS 9.8EG 9.82024-12-10
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
- CVE-2024-55956CRITICALCVSS 9.8EG 9.8⚠ KEV2024-12-13
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autor…
- CVE-2024-56084HIGHCVSS 7.1EG 7.12024-12-16
An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can inject payloads while creating Universal Normalizer. These are executed, leading to Remote Code Execution.
- CVE-2024-56085MEDIUMCVSS 5.9EG 5.92024-12-16
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while creating Search Template Dashboard. These are executed, leading to Server-Side Template Injection.
- CVE-2024-56086HIGHCVSS 7.1EG 7.12024-12-16
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in Report Templates. These are executed when the backup process is initiated, leading to Remote Code Execution.
- CVE-2024-56087MEDIUMCVSS 5.9EG 5.92024-12-16
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while querying Search Template Dashboard. These are executed, leading to Server-Side Template Injection.
- CVE-2024-56836HIGHCVSS 7.5EG 7.52025-12-09
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM …
- CVE-2024-56837HIGHCVSS 7.2EG 7.22025-12-09
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM …
- CVE-2024-57036HIGHCVSS 8.1EG 8.12025-01-21
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request.
- CVE-2024-57211HIGHCVSS 8.0EG 8.02025-01-10
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function.
- CVE-2024-57212MEDIUMCVSS 5.1EG 5.12025-01-10
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function.
- CVE-2024-57213MEDIUMCVSS 6.3EG 6.32025-01-10
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.
- CVE-2024-57214MEDIUMCVSS 6.3EG 6.32025-01-10
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
- CVE-2024-57222MEDIUMCVSS 6.3EG 6.32025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
- CVE-2024-57223CRITICALCVSS 9.8EG 9.82025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
- CVE-2024-57224CRITICALCVSS 9.8EG 9.82025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
- CVE-2024-57225CRITICALCVSS 9.8EG 9.82025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
- CVE-2024-57226HIGHCVSS 8.0EG 8.02025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
- CVE-2024-57227HIGHCVSS 8.0EG 8.02025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
- CVE-2024-57228HIGHCVSS 8.0EG 8.02025-01-10
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
- CVE-2024-57229CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
- CVE-2024-57230CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
- CVE-2024-57231CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
- CVE-2024-57232CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
- CVE-2024-57233CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
- CVE-2024-57234CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
- CVE-2024-57235CRITICALCVSS 9.8EG 6.52025-05-05
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
- CVE-2024-57337MEDIUMCVSS 6.5EG 6.52025-05-28
An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
- CVE-2024-57338MEDIUMCVSS 6.5EG 6.52025-05-28
An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
- CVE-2024-57536HIGHCVSS 8.0EG 8.02025-01-21
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.
- CVE-2024-57539HIGHCVSS 8.2EG 8.22025-01-21
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail.
- CVE-2024-57583CRITICALCVSS 9.8EG 9.82025-01-16
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function.
Map vulnerabilities like CWE-77 to your infrastructure
EchelonGraph correlates every CVE — across CWE-77 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →