CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153

1153 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2019-7198	Command Injection Vulnerability in QTS and QuTS hero — QTS	9.8	-	2020-12-10
CVE-2020-2490	QNAP Systems QNAP QTS 命令注入漏洞 — QTS	7.2	High	2020-11-16
CVE-2020-2492	QNAP Systems QNAP QTS 命令注入漏洞 — QTS	7.2	High	2020-11-16
CVE-2018-19950	QNAP Systems TS-870 命令注入漏洞 — Music Station	9.8	-	2020-11-02
CVE-2020-7384	Client-Side Command Injection in Rapid7 Metasploit — Metasploit	7.0	High	2020-10-29
CVE-2020-14342	Samba 命令操作系统命令注入漏洞 — cifs-utils	4.4	Medium	2020-09-09
CVE-2020-10518	Unsafe configuration options in GitHub Pages leading to remote code execution on GitHub Enterprise Server — GitHub Enterprise Server	8.8	-	2020-08-27
CVE-2020-15642	Marvell QConvergeConsole 操作系统命令注入漏洞 — QConvergeConsole	8.8	-	2020-08-25
CVE-2020-8233	Ubiquiti Networks EdgeSwitch 操作系统命令注入漏洞 — EdgeSwitch firmware v1.9.0 and prior	8.8	-	2020-08-17
CVE-2020-8211	Citrix Systems XenMobile Server SQL注入漏洞 — Citrix XenMobile Server	9.8	-	2020-08-17
CVE-2020-14505	Advantech iView 命令注入漏洞 — Advantech iView	9.8	-	2020-07-15
CVE-2020-8186	Devcert 操作系统命令注入漏洞 — devcert	9.8	-	2020-07-10
CVE-2020-8188	Ubiquiti UniFi Protect 命令注入漏洞 — Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR	8.8	-	2020-07-02
CVE-2020-4059	Command Injection in mversion — mversion	7.3	High	2020-06-18
CVE-2020-3276	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-3275	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-3274	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-3279	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-3278	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-3277	Cisco Small Business RV Series Routers Command Injection Vulnerabilities — Cisco Small Business RV Series Router Firmware	7.2	-	2020-06-18
CVE-2020-5299	Potential CSV Injection vector in OctoberCMS — october	4.0	Medium	2020-06-03
CVE-2020-3224	Cisco IOS XE Software Web UI Command Injection Vulnerability — Cisco IOS XE Software 16.11.1	8.8	-	2020-06-03
CVE-2020-3219	Cisco IOS XE Software Web UI Command Injection Vulnerability — Cisco IOS XE Software 16.1.1	8.8	-	2020-06-03
CVE-2020-3212	Cisco IOS XE Software Web UI Command Injection Vulnerability — Cisco IOS XE Software 16.11.1	8.8	-	2020-06-03
CVE-2020-3211	Cisco IOS XE Software Web UI Command Injection Vulnerability — Cisco IOS XE Software 16.10.1	7.2	-	2020-06-03
CVE-2020-3210	Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability — Cisco IOS 12.2(60)EZ16	6.7	-	2020-06-03
CVE-2020-3207	Cisco IOS XE Software Command Injection Vulnerability — Cisco IOS XE Software 16.9.2	6.7	-	2020-06-03
CVE-2020-8171	Ubiquiti Networks AirOS 操作系统命令注入漏洞 — AirMax AirOS for TI, XW and XM boards	9.8	-	2020-05-26
CVE-2020-11073	Remote Code Execution in Autoswitch Python Virtualenv — zsh-autoswitch-virtualenv	7.9	High	2020-05-13
CVE-2019-5623	Accellion File Transfer Appliance Improper Neutralization of Special Elements used in a Command ('Command Injection') — File Transfer Appliance	9.8	-	2020-04-29

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1153 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1153