Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-23625 D-Link DAP-1650 SUBSCRIBE Callback Command Injection Vulnerability — DAP-1650 9.6 Critical2024-01-25
CVE-2024-23624 D-Link DAP-1650 gena.cgi SUBSCRIBE Command Injection Vulnerability — DAP-1650 9.6 Critical2024-01-25
CVE-2023-7227 Command Injection vulnerability in SystemK NVR 504/508/516 — NVR 504 9.8 Critical2024-01-25
CVE-2024-0579 Totolink X2000R formMapDelDevice command injection — X2000R 6.3 Medium2024-01-16
CVE-2023-42136 PAX Technology Android based POS 安全漏洞 — POS terminals 7.8 High2024-01-15
CVE-2024-22198 Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) — nginx-ui 7.1 High2024-01-11
CVE-2024-22197 Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) — nginx-ui 7.7 High2024-01-11
CVE-2024-20676 Azure Storage Mover Remote Code Execution Vulnerability — Azure Storage Mover 8.0 High2024-01-09
CVE-2024-0291 Totolink LR1200GB cstecgi.cgi UploadFirmwareFile command injection — LR1200GB 6.3 Medium2024-01-08
CVE-2023-47560 QuMagie — QuMagie 7.4 High2024-01-05
CVE-2023-51664 tj-actions/changed-files command injection in output filenames — changed-files 7.3 High2023-12-27
CVE-2023-6940 Command Injection — mlflow/mlflow 8.8 -2023-12-19
CVE-2023-6848 kalcaddle kodbox index.class.php check command injection — kodbox 7.3 High2023-12-16
CVE-2023-49898 Apache StreamPark (incubating): Authenticated system users could trigger remote command execution — Apache StreamPark (incubating) 8.8 -2023-12-15
CVE-2023-6572 Command Injection in gradio-app/gradio — gradio-app/gradio 7.5AIHighAI2023-12-14
CVE-2023-25643 Two Vulnerabilities in Some ZTE Mobile Internet Products — MC801A 8.4 High2023-12-14
CVE-2023-48702 Jellyfin Possible Remote Code Execution via custom FFmpeg binary — jellyfin 7.2 High2023-12-13
CVE-2023-48791 Fortinet FortiPortal 安全漏洞 — FortiPortal 7.9 High2023-12-13
CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager — SAP Solution Manager 6.4 Medium2023-12-12
CVE-2023-6071 Trellix Enterprise Security Manager 安全漏洞 — ESM 8.4 High2023-11-30
CVE-2023-23369 QTS, Multimedia Console, and Media Streaming add-on — Multimedia Console 9.0 Critical2023-11-03
CVE-2023-20170 Cisco Identity Services Engine 安全漏洞 — Cisco Identity Services Engine Software 6.0 Medium2023-11-01
CVE-2023-5752 Mercurial configuration injectable in repo revision when installing via pip — pip 5.5 Medium2023-10-24
CVE-2023-36414 Azure Identity SDK Remote Code Execution Vulnerability — Azure Identity SDK for .NET 8.8 High2023-10-10
CVE-2023-36415 Azure Identity SDK Remote Code Execution Vulnerability — Azure Identity SDK for Java 8.8 High2023-10-10
CVE-2023-4401 Dell SmartFabric Storage Software 操作系统命令注入漏洞 — Dell SmartFabric Storage Software 7.8 High2023-10-05
CVE-2023-41031 Juplink RX4-1500 homemng.htm Command Injection Vulnerability — RX4-1500 8.0 High2023-09-22
CVE-2023-41029 Juplink RX4-1500 Command Injection Vulnerability — RX4-1500 8.0 High2023-09-22
CVE-2023-42810 systeminformation SSID Command Injection Vulnerability — systeminformation 9.8 Critical2023-09-21
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000) — Smart Modem Gen 2 (Arcadyan LH1000) 6.8 Medium2023-09-20

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.