Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-4341 D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection — DIR-880L 6.3 Medium2025-05-06
CVE-2025-4340 D-Link DIR-890L/DIR-806A1 soap.cgi sub_175C8 command injection — DIR-890L 6.3 Medium2025-05-06
CVE-2025-43844 GHSL-2025-014_Retrieval-based-Voice-Conversion-WebUI — Retrieval-based-Voice-Conversion-WebUI 9.8AICriticalAI2025-05-05
CVE-2025-43843 GHSL-2025-013_Retrieval-based-Voice-Conversion-WebUI — Retrieval-based-Voice-Conversion-WebUI 9.8AICriticalAI2025-05-05
CVE-2025-43842 GHSL-2025-012_Retrieval-based-Voice-Conversion-WebUI — Retrieval-based-Voice-Conversion-WebUI 9.8AICriticalAI2025-05-05
CVE-2025-4135 Netgear WG302v2 ui_get_input_value command injection — WG302v2 6.3 Medium2025-04-30
CVE-2025-4122 Netgear JWNR2000v2 sub_435E04 command injection — JWNR2000v2 6.3 Medium2025-04-30
CVE-2025-4121 Netgear JWNR2000v2 cmd_wireless command injection — JWNR2000v2 6.3 Medium2025-04-30
CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection — BL-AC3600 6.3 Medium2025-04-29
CVE-2025-3987 TOTOLINK N150RT formWsc command injection — N150RT 6.3 Medium2025-04-27
CVE-2025-3983 AMTT Hotel Broadband Operation System nlog_down.php command injection — Hotel Broadband Operation System 4.7 Medium2025-04-27
CVE-2025-43858 YoutubeDLSharp allows command injection on windows system due to non sanitized arguments — YoutubeDLSharp 9.2 Critical2025-04-24
CVE-2025-43012 JetBrains Toolbox 命令注入漏洞 — Toolbox App 8.3 High2025-04-17
CVE-2025-3546 H3C Magic BE18000 HTTP POST Request getLanguage FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15 8.0 High2025-04-14
CVE-2025-3545 H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15 8.0 High2025-04-14
CVE-2025-3544 H3C Magic BE18000 HTTP POST Request getCapabilityWeb FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15 8.0 High2025-04-14
CVE-2025-3543 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injection — Magic NX15 8.0 High2025-04-14
CVE-2025-3542 H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injection — Magic NX15 8.0 High2025-04-13
CVE-2025-3541 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injection — Magic NX15 8.0 High2025-04-13
CVE-2025-3540 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getCapability FCGI_WizardProtoProcess command injection — Magic NX15 8.0 High2025-04-13
CVE-2025-3539 H3C Magic BE18000 HTTP POST Request getBasicInfo FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15 8.0 High2025-04-13
CVE-2025-3249 TOTOLINK A6000R mtkwifi.lua apcli_cancel_wps command injection — A6000R 6.3 Medium2025-04-04
CVE-2025-3008 Novastar CX40 NetFilter Utility netconfig popen command injection — CX40 5.5 Medium2025-03-31
CVE-2025-2916 Aishida Call Center System amr2mp3 command injection — Call Center System 6.3 Medium2025-03-28
CVE-2024-9773 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab — GitLab 3.7 Low2025-03-27
CVE-2025-2732 H3C Magic BE18000 HTTP POST Request getWifiNeighbour command injection — Magic NX15 8.0 High2025-03-25
CVE-2025-2731 H3C Magic BE18000 HTTP POST Request getDualbandSync command injection — Magic NX15 8.0 High2025-03-25
CVE-2025-2730 H3C Magic BE18000 HTTP POST Request getssidname command injection — Magic NX15 8.0 High2025-03-25
CVE-2025-2729 H3C Magic BE18000 HTTP POST Request networkSetup command injection — Magic NX15 8.0 High2025-03-25
CVE-2025-2728 H3C Magic NX30 Pro/Magic NX400 getNetworkConf command injection — Magic NX30 Pro 8.0 High2025-03-25

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.