CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-35954	Delimiter injection vulnerability in @actions/core exportVariable — toolkit	5.0	Medium	2022-08-13
CVE-2022-34660	Siemens Teamcenter 命令注入漏洞 — Teamcenter V12.4	9.1	-	2022-08-10
CVE-2022-2323	SonicWALL Switch 命令注入漏洞 — SonicWall Switch	8.8	-	2022-07-29
CVE-2016-4991	NodePDF 命令注入漏洞 — nodepdf	9.8	-	2022-07-28
CVE-2022-2143	Advantech iView — iView	9.8	Critical	2022-07-22
CVE-2022-31161	Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload — roxy-wi	10.0	Critical	2022-07-15
CVE-2022-34820	多款Siemens SIMATIC产品命令注入漏洞 — SIMATIC CP 1242-7 V2	8.4	High	2022-07-12
CVE-2022-29560	Siemens RUGGEDCOM ROX 系列命令注入漏洞 — RUGGEDCOM ROX MX5000	5.5	-	2022-07-12
CVE-2022-32262	Siemens SINEMA Remote Connect Server命令注入漏洞 — SINEMA Remote Connect Server	8.8	High	2022-06-14
CVE-2020-36529	SevOne Network Management System Traceroute traceroute.php command injection — Network Management System	8.8	High	2022-06-03
CVE-2022-29256	Possible vulnerability at 'npm install' time in sharp if an attacker has control over build environment — sharp	6.5	Medium	2022-05-25
CVE-2022-29184	Command Injection/Argument Injection in GoCD — gocd	8.8	High	2022-05-20
CVE-2022-26085	InHand Networks InRouter Series 操作系统命令注入漏洞 — InRouter302	8.8	-	2022-05-12
CVE-2022-26042	InHand Networks InRouter Series 操作系统命令注入漏洞 — InRouter302	8.8	-	2022-05-12
CVE-2022-26007	InHand Networks InRouter302操作系统命令注入漏洞 — InRouter302	7.2	-	2022-05-12
CVE-2022-27588	Vulnerability in QVR — QVR	9.8	Critical	2022-05-05
CVE-2021-44051	Command injection — QuTScloud	8.8	High	2022-05-05
CVE-2022-27806	F5 BIG-IP多款产品命令注入漏洞 — BIG-IP (Advanced WAF, APM, ASM)	8.7	High	2022-05-05
CVE-2022-26415	F5 BIG-IP 命令注入漏洞 — BIG-IP	7.7	High	2022-05-05
CVE-2022-20799	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	4.7	Medium	2022-05-04
CVE-2022-20801	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	4.7	Medium	2022-05-04
CVE-2022-1509	Command Injection Vulnerability in hestiacp/hestiacp — hestiacp/hestiacp	9.9	Critical	2022-04-28
CVE-2021-34592	Bender Charge Controller: Command injection via Web interface — CC612	8.8	High	2022-04-27
CVE-2022-0999	mySCADA myPRO Command Injection — myPRO	8.8	High	2022-04-11
CVE-2022-20665	Cisco StarOS Command Injection Vulnerability — Cisco ASR 5000 Series Software	6.0	Medium	2022-04-06
CVE-2021-32933	MDT AutoSave Command Injection — MDT AutoSave	10.0	Critical	2022-04-01
CVE-2022-25619	Authenticated Command Injection to RCE — SambaBox	3.8	Low	2022-03-30
CVE-2022-22688	Synology DiskStation Manager命令注入漏洞 — DiskStation Manager (DSM)	8.8	High	2022-03-25
CVE-2021-4045	TP-LINK Tapo C200 remote code execution vulnerability — Tapo C200	9.8	Critical	2022-03-07
CVE-2021-41599	Improper control flow in GitHub Enterprise Server hosted Pages leads to remote code execution — GitHub Enterprise Server	8.8	-	2022-02-17

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153