CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-22913 | Zyxel USG FLEX command injection vulnerability — USG FLEX series firmware | 8.1 | High | 2023-04-24 |
| CVE-2023-28489 | Siemens SICAM A8000 command injection vulnerability — CP-8031 MASTER MODULE | 9.8 | Critical | 2023-04-11 |
| CVE-2023-20118 | Cisco Small Business input validation error vulnerability — Cisco Small Business RV Series Router Firmware | 6.5 | Medium | 2023-04-05 |
| CVE-2023-1877 | Command Injection in microweber/microweber — microweber/microweber | 9.8 | - | 2023-04-05 |
| CVE-2023-20121 | Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities — Cisco Identity Services Engine Software | 6.0 | Medium | 2023-04-05 |
| CVE-2023-20122 | Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities — Cisco Identity Services Engine Software | 6.0 | Medium | 2023-04-05 |
| CVE-2023-20124 | Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability — Cisco Small Business RV Series Router Firmware | 6.5 | Medium | 2023-04-05 |
| CVE-2023-20152 | Cisco Identity Services Engine Command Injection Vulnerabilities — Cisco Identity Services Engine Software | 6.0 | Medium | 2023-04-05 |
| CVE-2023-20153 | Cisco Identity Services Engine Command Injection Vulnerabilities — Cisco Identity Services Engine Software | 6.0 | Medium | 2023-04-05 |
| CVE-2023-28854 | nophp vulnerable to shell command injection on httpd user when sending a password-setting mail or mail-login mail — nophp | 8.0 | High | 2023-04-03 |
| CVE-2023-28935 | Apache UIMA DUCC: DUCC (EOL) allows RCE — Apache UIMA DUCC | 8.8 | - | 2023-03-30 |
| CVE-2023-1685 | HadSky Installation Interface index.php command injection — HadSky | 6.3 | Medium | 2023-03-29 |
| CVE-2023-23355 | QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR — QTS | 6.6 | Medium | 2023-03-29 |
| CVE-2022-43623 | D-Link DIR-1935 command injection vulnerability — DIR-1935 | 6.8 | - | 2023-03-29 |
| CVE-2023-28430 | OneSignal repository github action command injection — react-native-onesignal | 7.3 | High | 2023-03-27 |
| CVE-2023-1456 | Ubiquiti EdgeRouter command injection vulnerability — EdgeRouter X | 7.2 | High | 2023-03-25 |
| CVE-2023-1457 | Ubiquiti EdgeRouter command injection vulnerability — EdgeRouter X | 7.2 | High | 2023-03-25 |
| CVE-2023-1458 | Ubiquiti EdgeRouter command injection vulnerability — EdgeRouter X | 7.2 | High | 2023-03-25 |
| CVE-2023-20097 | Cisco Access Point Software Command Injection Vulnerability — Cisco Aironet Access Point Software | 4.6 | Medium | 2023-03-23 |
| CVE-2023-28425 | Specially crafted MSETNX command can lead to denial-of-service — redis | 5.5 | Medium | 2023-03-20 |
| CVE-2015-10096 | Zarthus IRC Twitter Announcer Bot twitter_announcer.rb get_tweets command injection — IRC Twitter Announcer Bot | 5.0 | Medium | 2023-03-20 |
| CVE-2023-28110 | JumpServer Koko vulnerable to Command Injection for Kubernetes Connection — jumpserver | 5.7 | Medium | 2023-03-16 |
| CVE-2023-27581 | github-slug-action vulnerable to arbitrary code execution — github-slug-action | 8.8 | High | 2023-03-13 |
| CVE-2023-0978 | Trellix Intelligent Sandbox command injection vulnerability — Trellix Intelligent Sandbox | 6.4 | Medium | 2023-03-13 |
| CVE-2023-0628 | Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL — Docker Desktop | 6.1 | Medium | 2023-03-13 |
| CVE-2023-1277 | kylin-system-updater Update InstallSnap command injection — kylin-system-updater | 7.8 | High | 2023-03-08 |
| CVE-2021-4329 | json-logic-js logic.js command injection — json-logic-js | 5.5 | Medium | 2023-03-05 |
| CVE-2023-1162 | DrayTek Vigor 2960 Web Management Interface mainfunction.cgi command injection — Vigor 2960 | 7.2 | High | 2023-03-03 |
| CVE-2021-3855 | Command Injection in Liman Central Management System — Liman Central Management System | 8.8 | High | 2023-02-24 |
| CVE-2023-23917 | Rocket.Chat security vulnerability — Rocket.chat | 8.8 | - | 2023-02-23 |

Vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.