2024 CWE Top 25 Most Dangerous Software Weaknesses: Improper Neutralisation of Special Elements used in a Command (‘Command Injection’) CWE-77
CWE-77 refers to the improper neutralisation of special elements used in a command. These special elements, when inadequately sanitised, allow attackers to inject malicious commands that the system interprets and executes. This vulnerability commonly appears in applications that dynamically construct system commands based on user inputs.