Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-3009 Tenda FH1205 WriteFacMac formWriteFacMac command injection — FH1205 6.3 Medium2024-03-27
CVE-2024-2991 Tenda FH1203 WriteFacMac formWriteFacMac command injection — FH1203 6.3 Medium2024-03-27
CVE-2024-1540 Command Injection in gradio-app/gradio via deploy+test-visual.yml workflow — gradio-app/gradio 7.5 -2024-03-27
CVE-2024-2982 Tenda FH1202 WriteFacMac formWriteFacMac command injection — FH1202 5.5 Medium2024-03-27
CVE-2024-24897 Remote command execution in A-Tune-Collector — A-Tune-Collector 8.1 High2024-03-25
CVE-2024-2642 Ruijie RG-NBS2009G-P EXCU_SHELL command injection — RG-NBS2009G-P 7.3 High2024-03-19
CVE-2023-41334 astropy vulnerable to RCE in TranformGraph().to_dot_graph function — astropy 8.4 High2024-03-18
CVE-2024-26204 Outlook for Android Information Disclosure Vulnerability — Microsoft Outlook for Android 7.5 High2024-03-12
CVE-2024-25998 PHOENIX CONTACT: Command injection in the OCPP Service — CHARX SEC-3000 7.3 High2024-03-12
CVE-2024-22127 Code Injection vulnerability in SAP NetWeaver AS Java (Administrator Log Viewer plug-in) — SAP NetWeaver AS Java (Administrator Log Viewer plug-in) 9.1 Critical2024-03-12
CVE-2024-2352 1Panel swap baseApi.UpdateDeviceSwap command injection — 1Panel 6.3 Medium2024-03-10
CVE-2024-0817 PaddlePaddle 命令注入漏洞 — paddlepaddle/paddle 8.4AIHighAI2024-03-07
CVE-2024-1781 Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection — X6000R AX3000 6.3 Medium2024-02-23
CVE-2024-23346 pymatgen arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string — pymatgen 9.4 Critical2024-02-21
CVE-2024-22093 Appliance mode iControl REST vulnerability — BIG-IP 8.7 High2024-02-14
CVE-2024-20667 Azure DevOps Server Remote Code Execution Vulnerability — Azure DevOps Server 2022 7.5 High2024-02-13
CVE-2023-47218 QTS, QuTS hero, QuTScloud — QTS 5.8 Medium2024-02-13
CVE-2023-46687 Emerson Rosemount GC370XA, GC700XA, GC1500XA Command Injection — Rosemount GC370XA 9.8 Critical2024-02-09
CVE-2023-49716 Emerson Rosemount GC370XA, GC700XA, GC1500XA Command Injection — Rosemount GC370XA 6.9 Medium2024-02-09
CVE-2023-47562 Photo Station — Photo Station 7.4 High2024-02-02
CVE-2023-45025 QTS, QuTS hero, QuTScloud — QTS 9.0 Critical2024-02-02
CVE-2023-41283 QTS, QuTS hero, QuTScloud — QTS 5.5 Medium2024-02-02
CVE-2023-41282 QTS, QuTS hero, QuTScloud — QTS 5.5 Medium2024-02-02
CVE-2023-41281 QTS, QuTS hero, QuTScloud — QTS 5.5 Medium2024-02-02
CVE-2024-21488 Network Utilies for Node.js 安全漏洞 — network 7.3 High2024-01-30
CVE-2024-0920 TRENDnet TEW-822DRE POST Request admin_ping.htm command injection — TEW-822DRE 7.2 High2024-01-26
CVE-2024-0919 TRENDnet TEW-815DAP POST Request do_setNTP command injection — TEW-815DAP 8.8 High2024-01-26
CVE-2024-23628 Motorola MR2600 SaveStaticRouteIPv6Params Command Injection Vulnerability — MR2600 9.0 Critical2024-01-25
CVE-2024-23627 Motorola MR2600 SaveStaticRouteIPv4Params Command Injection Vulnerability — MR2600 9.0 Critical2024-01-25
CVE-2024-23626 Motorola MR2600 SaveSysLogParams Command Injection Vulnerability — MR2600 9.0 Critical2024-01-25

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.