CWE-77— Command Injection
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.— MITRE CWE catalog
3,892 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-77page 62 of 78
- CVE-2025-5573CRITICALCVSS 9.8EG 6.32025-06-04
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os…
- CVE-2025-55824MEDIUMCVSS 6.5EG 6.52025-09-02
ModStartCMS v9.5.0 has an arbitrary file write vulnerability, which allows attackers to write malicious files and execute malicious commands to obtain sensitive data on the server.
- CVE-2025-55848HIGHCVSS 8.8EG 6.52025-09-26
An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in the set_cassword settings interface, as the http_casswd parameter is not filtered by '&'to allow injection of reverse connection commands.
- CVE-2025-55893MEDIUMCVSS 6.5EG 6.52025-12-15
TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via hostName.
- CVE-2025-55901MEDIUMCVSS 6.5EG 6.52025-12-15
TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function NTPSyncWithHost via the host_time parameter.
- CVE-2025-55911MEDIUMCVSS 6.5EG 6.52025-09-18
An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter
- CVE-2025-5606CRITICALCVSS 9.8EG 6.32025-06-04
A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argument list leads to command injection. Th…
- CVE-2025-5620CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument localIP/remoteIP leads to os command i…
- CVE-2025-5621CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address…
- CVE-2025-56406HIGHCVSS 7.5EG 7.52025-09-10
An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtain sensitive information or execute arbitrary commands via the SSE service. NOTE: the Supplier's position is that authentication is not mandatory for MCP servers, and the…
- CVE-2025-56425CRITICALCVSS 9.1EG 9.12026-01-08
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earl…
- CVE-2025-56426MEDIUMCVSS 6.5EG 6.52025-10-09
An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly.
- CVE-2025-56706HIGHCVSS 8.0EG 8.02025-09-16
Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execution (RCE) vulnerability via the Object parameter in the openwrt_getConfig function.
- CVE-2025-56769MEDIUMCVSS 6.5EG 6.52025-09-25
An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.
- CVE-2025-56799MEDIUMCVSS 6.5EG 6.52025-10-21
Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if th…
- CVE-2025-56814HIGHCVSS 7.8EG 7.82026-06-15
A code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters.
- CVE-2025-5695MEDIUMCVSS 4.7EG 4.72025-06-05
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such m…
- CVE-2025-57105CRITICALCVSS 9.8EG 9.82025-08-22
The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd pr…
- CVE-2025-57164MEDIUMCVSS 6.5EG 6.52025-10-17
Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
- CVE-2025-57198HIGHCVSS 8.8EG 8.82025-12-03
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a…
- CVE-2025-57199HIGHCVSS 8.8EG 8.82025-12-03
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via …
- CVE-2025-57200MEDIUMCVSS 6.5EG 6.52025-12-03
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a c…
- CVE-2025-57201HIGHCVSS 8.8EG 8.82025-12-03
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a …
- CVE-2025-57282HIGHCVSS 8.8EG 8.82026-05-18
ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.
- CVE-2025-57285CRITICALCVSS 9.8EG 9.82025-09-08
codeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatenates the user-controlled directoryPath parameter without sanitization or escaping, allowing attac…
- CVE-2025-57293HIGHCVSS 8.8EG 8.82025-09-18
A command injection vulnerability in COMFAST CF-XR11 (firmware V2.7.2) exists in the multi_pppoe API, processed by the sub_423930 function in /usr/bin/webmgnt. The phy_interface parameter is not sanitized, allowing attackers to inject arbi…
- CVE-2025-57296MEDIUMCVSS 6.5EG 6.52025-09-19
Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the sub_ADBC0 hel…
- CVE-2025-57521MEDIUMCVSS 6.1EG 6.12025-10-21
Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity…
- CVE-2025-5763HIGHCVSS 8.8EG 4.72025-06-06
A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launche…
- CVE-2025-57633CRITICALCVSS 9.8EG 9.82025-09-09
A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /ftp.html endpoint's "Upload File" action constructs a shell command from the ftp_file para…
- CVE-2025-57685HIGHCVSS 8.8EG 6.52025-09-22
The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can expl…
- CVE-2025-57733MEDIUMCVSS 5.5EG 5.52025-08-20
In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
- CVE-2025-58132MEDIUMCVSS 4.1EG 4.12025-10-15
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.
- CVE-2025-58178HIGHCVSS 7.8EG 7.82025-09-02
SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untruste…
- CVE-2025-58358HIGHCVSS 7.5EG 7.52025-09-04
Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exe…
- CVE-2025-5836MEDIUMCVSS 6.3EG 6.32025-06-07
A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list lead…
- CVE-2025-58428CRITICALCVSS 9.9EG 9.92025-10-23
The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linu…
- CVE-2025-59046CRITICALCVSS 9.8EG 9.82025-09-09
The npm package `interactive-git-checkout` is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via …
- CVE-2025-59252CRITICALCVSS 9.3EG 6.52025-10-09
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
- CVE-2025-59272CRITICALCVSS 9.3EG 6.52025-10-09
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally.
- CVE-2025-59286CRITICALCVSS 9.3EG 6.52025-10-09
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
- CVE-2025-59337MEDIUMCVSS 6.8EG 6.82025-10-01
Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to acces…
- CVE-2025-59376LOWCVSS 3.7EG 5.32025-09-15
feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word (i.e., "…
- CVE-2025-59458HIGHCVSS 8.3EG 8.32025-09-17
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation
- CVE-2025-59468CRITICALCVSS 9.0EG 9.02026-01-08
This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.
- CVE-2025-59470CRITICALCVSS 9.0EG 9.02026-01-08
This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.
- CVE-2025-5952HIGHCVSS 7.3EG 7.32025-06-10
A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_1 leads to os command injection. The att…
- CVE-2025-59689MEDIUMCVSS 6.1EG 9.0⚠ KEV2025-09-19
Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in …
- CVE-2025-59735CRITICALCVSS 9.8EG 9.82025-10-02
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned…
- CVE-2025-59736CRITICALCVSS 9.8EG 9.82025-10-02
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned…
Map vulnerabilities like CWE-77 to your infrastructure
EchelonGraph correlates every CVE — across CWE-77 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →