Vulnerabilities (CVE)

Filtered by CWE-77
Total 3411 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-2982 1 Tenda 2 Fh1202, Fh1202 Firmware 2026-06-17 5.2 MEDIUM 5.5 MEDIUM
A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258151. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-2947 2026-06-17 N/A 7.3 HIGH
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
CVE-2024-2642 1 Ruijie 2 Rg-nbs2009g-p, Rg-nbs2009g-p Firmware 2026-06-17 7.5 HIGH 7.3 HIGH
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-2366 1 Lollms 1 Lollms Web Ui 2026-06-17 N/A 9.0 CRITICAL
A remote code execution vulnerability exists in the parisneo/lollms-webui application, specifically within the reinstall_binding functionality in lollms_core/lollms/server/endpoints/lollms_binding_infos.py of the latest version. The vulnerability arises due to insufficient path sanitization, allowing an attacker to exploit path traversal to navigate to arbitrary directories. By manipulating the binding_path to point to a controlled directory and uploading a malicious __init__.py file, an attacker can execute arbitrary code on the server.
CVE-2024-2352 1 Fit2cloud 1 1panel 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in 1Panel up to 1.10.1-lts. Affected by this issue is the function baseApi.UpdateDeviceSwap of the file /api/v1/toolbox/device/update/swap. The manipulation of the argument Path with the input 123123123\nopen -a Calculator leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-256304.
CVE-2024-29949 2026-06-17 N/A 7.2 HIGH
There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
CVE-2024-29946 1 Splunk 1 Splunk 2026-06-17 N/A 8.1 HIGH
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser.
CVE-2024-29895 2026-06-17 N/A 10.0 CRITICAL
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc.
CVE-2024-29864 1 89luca89 1 Distrobox 2026-06-17 N/A 9.8 CRITICAL
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables.
CVE-2024-29737 1 Apache 1 Streampark 2026-06-17 N/A 4.7 MEDIUM
In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and have system-level permissions. Generally, only users of that system have the authorization to log in, and users would not manually input a dangerous operation command. Therefore, the risk level of this vulnerability is very low. Mitigation: all users should upgrade to 2.1.4 Background info: Log in to Streampark using the default username (e.g. test1, test2, test3) and the default password (streampark). Navigate to the Project module, then add a new project. Enter the git repository address of the project and input `touch /tmp/success_2.1.2` as the "Build Argument". Note that there is no verification and interception of the special character "`". As a result, you will find that this injection command will be successfully executed after executing the build. In the latest version, the special symbol ` is intercepted.
CVE-2024-29435 1 Alldata 1 Alldata 2026-06-17 N/A 4.1 MEDIUM
An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter.
CVE-2024-29404 2026-06-17 N/A 7.8 HIGH
An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component.
CVE-2024-29385 1 Dlink 2 Dir-845l, Dir-845l Firmware 2026-06-17 N/A 9.0 CRITICAL
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function.
CVE-2024-29366 1 Dlink 2 Dir-845l, Dir-845l Firmware 2026-06-17 N/A 8.8 HIGH
A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03.
CVE-2024-29292 2026-06-17 N/A 9.1 CRITICAL
Multiple OS Command Injection vulnerabilities affecting Kasda LinkSmart Router KW6512 <= v1.3 enable an authenticated remote attacker to execute arbitrary OS commands via various cgi parameters.
CVE-2024-29269 1 Telesquare 2 Tlr-2005ksh, Tlr-2005ksh Firmware 2026-06-17 N/A 8.8 HIGH
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
CVE-2024-28739 1 Koha 1 Koha 2026-06-17 N/A 7.2 HIGH
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter.
CVE-2024-28729 1 Dlink 2 Dwr-2000m, Dwr-2000m Firmware 2026-06-17 N/A 9.8 CRITICAL
An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted request.
CVE-2024-28726 2026-06-17 N/A 8.0 HIGH
An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function.
CVE-2024-28545 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function.