CWE-77— Command Injection
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.— MITRE CWE catalog
3,886 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-77page 54 of 78
- CVE-2025-14184MEDIUMCVSS 6.3EG 6.32025-12-07
A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. Th…
- CVE-2025-14188HIGHCVSS 7.2EG 7.22025-12-07
A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. The manipulation of the argument path leads …
- CVE-2025-14204MEDIUMCVSS 6.3EG 6.32025-12-07
A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of…
- CVE-2025-14208MEDIUMCVSS 6.3EG 6.32025-12-08
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub_415028 of the file /goform/set_wan_settings. The manipulation of the argument ppp_username results in command injection. It is possible to…
- CVE-2025-14225MEDIUMCVSS 6.3EG 6.32025-12-08
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be e…
- CVE-2025-14276MEDIUMCVSS 5.6EG 5.62025-12-08
A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown function of the file /ajax/php/leaf_search.php. This manipulation of the argument line causes command injection. The attack can be initiated …
- CVE-2025-1448HIGHCVSS 7.3EG 7.32025-02-19
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command…
- CVE-2025-14485MEDIUMCVSS 5.0EG 5.02025-12-11
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aak…
- CVE-2025-14586MEDIUMCVSS 6.3EG 6.32025-12-13
A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os comman…
- CVE-2025-14648MEDIUMCVSS 4.7EG 4.72025-12-14
A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to command injection. It is possible to launch th…
- CVE-2025-14659HIGHCVSS 8.8EG 8.82025-12-14
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch …
- CVE-2025-14705CRITICALCVSS 9.8EG 9.82025-12-15
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. …
- CVE-2025-14706CRITICALCVSS 9.8EG 9.82025-12-15
A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/http_eshell_server of the component NETREBOOT Interface. Such manipulation leads to command injection. The attack can be …
- CVE-2025-14707CRITICALCVSS 9.8EG 9.82025-12-15
A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/http_eshell_server of the component DOCKER Feature. Performing manipulation of the argument params results in command…
- CVE-2025-14756HIGHCVSS 8.8EG 8.82026-01-26
Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser de…
- CVE-2025-14884HIGHCVSS 7.2EG 7.22025-12-18
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remot…
- CVE-2025-1497CRITICALCVSS 9.8EG 9.82025-03-10
A vulnerability, that could result in Remote Code Execution (RCE), has been found in PlotAI. Lack of validation of LLM-generated output allows attacker to execute arbitrary Python code. Vendor commented out vulnerable line, further usage o…
- CVE-2025-15048HIGHCVSS 7.3EG 7.32025-12-23
A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection…
- CVE-2025-15081MEDIUMCVSS 6.3EG 6.32025-12-25
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub_4780 of the file /jdcapi. Such manipulation of the argument ddns_name leads to command injection. The attack may be performed from remote. T…
- CVE-2025-15131MEDIUMCVSS 6.3EG 6.32025-12-28
A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2_api_SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack …
- CVE-2025-15132MEDIUMCVSS 6.3EG 6.32025-12-28
A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2_api_open of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is…
- CVE-2025-15133MEDIUMCVSS 6.3EG 6.32025-12-28
A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2_api_CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injectio…
- CVE-2025-15136HIGHCVSS 8.8EG 8.82025-12-28
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function do_setWizard_asp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured lead…
- CVE-2025-15137HIGHCVSS 8.8EG 8.82025-12-28
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function sub_F934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The …
- CVE-2025-15139MEDIUMCVSS 6.3EG 6.32025-12-28
A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub_43ACF4 of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed rem…
- CVE-2025-15191MEDIUMCVSS 6.3EG 6.32025-12-29
A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fota_url causes command injection. Remote expl…
- CVE-2025-15192MEDIUMCVSS 6.3EG 6.32025-12-29
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injectio…
- CVE-2025-15254MEDIUMCVSS 6.3EG 6.32025-12-30
A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely.…
- CVE-2025-15256HIGHCVSS 7.3EG 7.32025-12-30
A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web-based Configuration Interface. The manipulation of the argument rootAPmac leads…
- CVE-2025-15257HIGHCVSS 7.3EG 7.32025-12-30
A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument …
- CVE-2025-15357MEDIUMCVSS 6.3EG 6.32025-12-30
A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The expl…
- CVE-2025-1536HIGHCVSS 7.3EG 7.32025-02-21
A vulnerability was found in Raisecom Multi-Service Intelligent Gateway up to 20250208. It has been declared as critical. This vulnerability affects unknown code of the file /vpn/vpn_template_style.php of the component Request Parameter Ha…
- CVE-2025-15366MEDIUMCVSS 5.9EG 5.92026-01-20
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
- CVE-2025-15367MEDIUMCVSS 5.9EG 5.92026-01-20
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
- CVE-2025-15379CRITICALCVSS 9.8EG 9.82026-03-30
A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency…
- CVE-2025-15391MEDIUMCVSS 6.3EG 6.32025-12-31
A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been…
- CVE-2025-1546HIGHCVSS 7.3EG 7.32025-02-21
A vulnerability has been found in BDCOM Behavior Management and Auditing System up to 20250210 and classified as critical. Affected by this vulnerability is the function log_operate_clear of the file /webui/modules/log/operate.mds. The man…
- CVE-2025-15471CRITICALCVSS 9.8EG 9.82026-01-07
A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the argument SZCMD results in os command injection. It is possible to launch the attac…
- CVE-2025-15472HIGHCVSS 7.2EG 7.22026-01-07
A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be init…
- CVE-2025-1549MEDIUMCVSS 6.3EG 6.32025-10-29
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmit…
- CVE-2025-15499HIGHCVSS 8.8EG 8.82026-01-09
A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os c…
- CVE-2025-15500CRITICALCVSS 9.8EG 9.82026-01-09
A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulati…
- CVE-2025-15501CRITICALCVSS 9.8EG 9.82026-01-09
A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath caus…
- CVE-2025-15502HIGHCVSS 7.3EG 7.32026-01-10
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostn…
- CVE-2025-15607CRITICALCVSS 9.8EG 9.82026-03-20
A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file content into shell commands, enabling aut…
- CVE-2025-1608MEDIUMCVSS 6.3EG 6.32025-02-24
A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/set_manpwd. The manipulation of the argument routepwd leads to os command injection. It …
- CVE-2025-1609MEDIUMCVSS 6.3EG 6.32025-02-24
A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/set_cmd. The manipulation of the argument cmd leads to os command injec…
- CVE-2025-1610MEDIUMCVSS 6.3EG 6.32025-02-24
A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/set_blacklist. The manipulation of the argument mac/enable leads to os command injec…
- CVE-2025-1616MEDIUMCVSS 4.7EG 4.72025-02-24
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Addres…
- CVE-2025-1676MEDIUMCVSS 6.3EG 6.32025-02-25
A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command inject…
Map vulnerabilities like CWE-77 to your infrastructure
EchelonGraph correlates every CVE — across CWE-77 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →