CWE-78

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.

LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Devices with IP address setting tool “MagicalFinder” provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.