Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-11335 D-Link DI-7100G C1 jhttpd msp_info.htm sub_46409C command injection — DI-7100G C1 4.7 Medium2025-10-06
CVE-2025-11331 IdeaCMS Website Name Config.php command injection — IdeaCMS 4.7 Medium2025-10-06
CVE-2025-11303 Belkin F9K1015 mp command injection — F9K1015 6.3 Medium2025-10-05
CVE-2025-11298 Belkin F9K1015 formSetWanStatic command injection — F9K1015 6.3 Medium2025-10-05
CVE-2025-11292 Belkin F9K1015 formBSSetSitesurvey command injection — F9K1015 6.3 Medium2025-10-05
CVE-2025-59741 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 8.8 -2025-10-02
CVE-2025-59740 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59739 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 8.8 -2025-10-02
CVE-2025-59738 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59737 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59736 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59735 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59337 Discourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite Deployments — discourse 8.1AIHighAI2025-10-01
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow — serverless-dns 9.8AICriticalAI2025-09-30
CVE-2025-41250 Header injection vulnerability — vCenter 8.5 High2025-09-29
CVE-2025-11121 Tenda AC18 AdvSetLanip command injection — AC18 6.3 Medium2025-09-28
CVE-2025-11100 D-Link DIR-823X set_wifi_blacklists uci_set command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11099 D-Link DIR-823X delete_prohibiting uci_del command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11098 D-Link DIR-823X set_wifi_blacklists command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11097 D-Link DIR-823X set_device_name command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11096 D-Link DIR-823X diag_traceroute command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11095 D-Link DIR-823X delete_offline_device command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11092 D-Link DIR-823X set_switch_settings sub_412E7C command injection — DIR-823X 6.3 Medium2025-09-28
CVE-2025-11073 Keyfactor RG-EW5100BE HTTP POST Request cmd command injection — RG-EW5100BE 4.7 Medium2025-09-27
CVE-2025-11045 WAYOS LQ_04/LQ_05/LQ_06/LQ_07/LQ_09 usb_paswd.asp command injection — LQ_04 7.3 High2025-09-26
CVE-2025-10964 Wavlink NU516U1 firewall.cgi sub_401B30 command injection — NU516U1 6.3 Medium2025-09-25
CVE-2025-59817 Authenticated Remote Code Execution in zForm_auto_config — TCIS-3+ 8.4 High2025-09-25
CVE-2025-59815 Authenticated Remote Code Execution in the Billing Administration portal — ICX500 8.4 High2025-09-25
CVE-2025-10963 Wavlink NU516U1 firewall.cgi sub_4016F0 command injection — NU516U1 6.3 Medium2025-09-25
CVE-2025-10962 Wavlink NU516U1 SetName wireless.cgi sub_403198 command injection — NU516U1 6.3 Medium2025-09-25

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.