Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2024-12251 Command Injection vulnerability in Telerik UI for Winui
In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements.
local
low complexity
telerik CWE-77
7.8
7.8
2025-01-29 CVE-2025-0798 A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux.
network
high complexity
CWE-77
8.1
8.1
2025-01-27 CVE-2025-24150 Command Injection vulnerability in Apple products
A privacy issue was addressed with improved handling of files.
network
low complexity
apple CWE-77
8.8
8.8
2025-01-16 CVE-2024-57583 Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2025-01-14 CVE-2024-39759 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39760 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39761 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39762 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1
2025-01-14 CVE-2024-39763 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1
2025-01-14 CVE-2024-39764 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1