Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-9935 TOTOLINK N600R cstecgi.cgi sub_4159F8 command injection — N600R 7.3 High2025-09-03
CVE-2025-9934 TOTOLINK X5000R cstecgi.cgi sub_410C34 command injection — X5000R 6.3 Medium2025-09-03
CVE-2025-58178 Command Injection via sonarqube-scan-action GitHub Action — sonarqube-scan-action 7.8 High2025-09-02
CVE-2025-9769 D-Link DI-7400G+ mng_platform.asp sub_478D28 command injection — DI-7400G+ 4.1 Medium2025-09-01
CVE-2025-44015 HybridDesk Station — HybridDesk Station 8.0 -2025-08-29
CVE-2025-30264 QTS, QuTS hero — QTS 8.8 -2025-08-29
CVE-2025-29887 QuRouter 2.5 — QuRouter 7.2 -2025-08-29
CVE-2025-9654 AiondaDotCom mcp-ssh server-simple.mjs command injection — mcp-ssh 6.3 Medium2025-08-29
CVE-2025-9603 Telesquare TLR-2005KSH internet.cgi command injection — TLR-2005KSH 6.3 Medium2025-08-29
CVE-2025-9586 Comfast CF-N1 webmgnt wireless_device_dissoc command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-9585 Comfast CF-N1 webmgnt wifilith_delete_pic_file command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-9584 Comfast CF-N1 webmgnt update_interface_png command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-9583 Comfast CF-N1 webmgnt ping_config command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-9582 Comfast CF-N1 webmgnt ntp_timezone command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection — CF-N1 6.3 Medium2025-08-28
CVE-2025-41451 Post-Authentication OS Command Injection RCE in Danfoss AK-SM8xxA Series — AK-SM8xxA Series 7.2AIHighAI2025-08-22
CVE-2025-57733 JetBrains TeamCity 命令注入漏洞 — TeamCity 5.5 Medium2025-08-20
CVE-2025-55294 Command Injection via `format` option in screenshot-desktop — screenshot-desktop 9.8 Critical2025-08-19
CVE-2025-9149 Wavlink WL-NU516U1 wireless.cgi sub_4032E4 command injection — WL-NU516U1 6.3 Medium2025-08-19
CVE-2025-55283 aiven-db-migrate allows Privilege Escalation through use of psql during migration — aiven-db-migrate 9.1 Critical2025-08-18
CVE-2025-9090 Tenda AC20 Telnet Service telnet websFormDefine command injection — AC20 6.3 Medium2025-08-17
CVE-2025-20306 Cisco Secure Firewall Management Center Software Command Injection Vulnerability — Cisco Firepower Management Center 4.9 Medium2025-08-14
CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection — DIR‑818L 6.3 Medium2025-08-14
CVE-2025-8937 TOTOLINK N350R formSysCmd command injection — N350R 6.3 Medium2025-08-14
CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2022 version 17.14 7.8 High2025-08-12
CVE-2025-8752 wangzhixuan spring-shiro-training add command injection — spring-shiro-training 7.3 High2025-08-09
CVE-2025-53787 Microsoft 365 Copilot BizChat Information Disclosure Vulnerability — Microsoft 365 Copilot's Business Chat 8.2 High2025-08-07
CVE-2025-53774 Microsoft 365 Copilot BizChat Information Disclosure Vulnerability — Microsoft 365 Copilot's Business Chat 6.5 Medium2025-08-07
CVE-2025-7769 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Tigo Energy Cloud Connect Advanced — Cloud Connect Advanced 9.8AICriticalAI2025-08-06
CVE-2025-54782 @nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers — nest 9.6 -2025-08-01

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.