CVEbaza.plCWE DictionaryCWE-77
Common Weakness Enumeration

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Category: ClassCVE: 4,186
Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

CVE vulnerabilities with CWE-77 (4,186)
10.0
CVSS
CRITICAL
CVE-2026-49199

Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device.

pub. 2026-05-29
10.0
CVSS
CRITICAL
CVE-2026-23652

Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.

pub. 2026-05-22
10.0
CVSS
CRITICAL
CVE-2026-26015

DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.

pub. 2026-04-29
10.0
CVSS
CRITICAL
CVE-2025-59818

This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.

pub. 2026-02-04
10.0
CVSS
CRITICAL
CVE-2025-64090

This vulnerability allows authenticated attackers to execute commands via the hostname of the device.

pub. 2026-01-09
10.0
CVSS
CRITICAL
CVE-2025-64093

Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device.

pub. 2026-01-09
10.0
CVSS
CRITICAL
CVE-2025-61492

A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input.

pub. 2026-01-07
10.0
CVSS
CRITICAL
CVE-2025-10035

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

pub. 2025-09-18🚩 CISA KEV⚡ EXPLOIT
10.0
CVSS
CRITICAL
CVE-2024-48841

Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.

pub. 2025-01-27
10.0
CVSS
CRITICAL
CVE-2024-34166

An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability.

pub. 2025-01-14
10.0
CVSS
CRITICAL
CVE-2024-39759

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists within the `restart_hour_value` POST parameter.

pub. 2025-01-14
10.0
CVSS
CRITICAL
CVE-2024-39760

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists within the `restart_min_value` POST parameter.

pub. 2025-01-14
10.0
CVSS
CRITICAL
CVE-2024-39761

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists within the `restart_week_value` POST parameter.

pub. 2025-01-14
10.0
CVSS
CRITICAL
CVE-2024-20418

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.

pub. 2024-11-06
10.0
CVSS
CRITICAL
CVE-2024-43693

A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.

pub. 2024-09-25
10.0
CVSS
CRITICAL
CVE-2024-45066

A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands.

pub. 2024-09-25
10.0
CVSS
CRITICAL
CVE-2024-3659

Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router.

pub. 2024-08-08
10.0
CVSS
CRITICAL
CVE-2024-29895

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc.

pub. 2024-05-14
10.0
CVSS
CRITICAL
CVE-2024-32766

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

pub. 2024-04-26
10.0
CVSS
CRITICAL
CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

pub. 2024-04-12🚩 CISA KEV⚡ EXPLOIT
Showing 20 of 4,186 vulnerabilities
Information
ID: CWE-77
Type: Class
Vulnerabilities: 4,186
MITRE CWE ↗
← CWE Dictionary