Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2025-45492 Command Injection vulnerability in Netgear Ex8000 Firmware 1.0.0.126
Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-4357 Command Injection vulnerability in Tendacn RX3 Firmware 16.03.13.11Multi
A vulnerability was found in Tenda RX3 16.03.13.11_multi.
network
low complexity
tendacn CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-4341 A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01.
network
low complexity
CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-4340 Command Injection vulnerability in Dlink Dir-806 Firmware and Dir-890L Firmware
A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57229 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57230 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57231 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57232 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57233 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2025-05-05 CVE-2024-57234 Command Injection vulnerability in Netgear Rax50 Firmware 1.0.2.26
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
network
low complexity
netgear CWE-77
critical
 9.8
9.8