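CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) — Vulnerability Class 1157

1157 vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')). AI Chinese analysis included.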

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7525 | TOTOLINK T6 HTTP POST Request cstecgi.cgi setTracerouteCfg command injection — T6 | 6.3 | Medium | 2025-07-13 |
| CVE-2025-7524 | TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg command injection — T6 | 6.3 | Medium | 2025-07-13 |
| CVE-2025-7415 | Tenda O3V2 httpd getTraceroute fromTraceroutGet command injection — O3V2 | 6.3 | Medium | 2025-07-10 |
| CVE-2025-53355 | mcp-server-kubernetes vulnerable to command injection in several tools — mcp-server-kubernetes | 7.5 | High | 2025-07-08 |
| CVE-2025-7192 | D-Link DIR-645 ssdpcgi cgibin ssdpcgi_main command injection — DIR-645 | 6.3 | Medium | 2025-07-08 |
| CVE-2025-53372 | node-code-sandbox-mcp has a Sandbox Escape via Command Injection — node-code-sandbox-mcp | 7.5 | High | 2025-07-08 |
| CVE-2025-53104 | gluestack-ui Command Injection Vulnerability via discussion-to-slack GitHub Action Workflow — gluestack-ui | 9.1 | Critical | 2025-07-01 |
| CVE-2025-53107 | @cyanheads/git-mcp-server vulnerable to command injection in several tools — git-mcp-server | 7.5 | High | 2025-07-01 |
| CVE-2025-52995 | File Browser vulnerable to command execution allowlist bypass — filebrowser | 8.1 | High | 2025-06-30 |
| CVE-2025-53098 | Roo Code Vulnerable to Potential Remote Code Execution via Model Context Protocol — Roo-Code | 8.1 | High | 2025-06-27 |
| CVE-2025-6775 | xiaoyunjie openvpn-cms-flask User Creation Endpoint openvpn.py create_user command injection — openvpn-cms-flask | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6522 | TrendMakers Sight Bulb Pro Command Injection — Sight Bulb Pro Firmware ZJ_CG32-2201 | 5.4 | Medium | 2025-06-27 |
| CVE-2025-5306 | Command Injection in Netflow path — Pandora FMS | 9.8 (AI) | Critical (AI) | 2025-06-27 |
| CVE-2025-52904 | File Browser: Command Execution not Limited to Scope — filebrowser | 8.1 | High | 2025-06-26 |
| CVE-2025-52903 | File Browser Allows Execution of Shell Commands That Can Spawn Other Commands — filebrowser | 8.1 | High | 2025-06-26 |
| CVE-2025-52483 | Registrator.jl Vulnerable to Argument Injection and Command Injection — Registrator.jl | 8.8 (AI) | High (AI) | 2025-06-25 |
| CVE-2025-6335 | DedeCMS Template dedetag.class.php command injection — DedeCMS | 4.7 | Medium | 2025-06-20 |
| CVE-2025-49823 | Conda Constructor Command Injection via Unsanitized User Input (Low) — constructor | - | - | 2025-06-17 |
| CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2022 version 17.10 | 7.1 | High | 2025-06-13 |
| CVE-2025-4231 | PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface — Cloud NGFW | 7.2 (AI) | High (AI) | 2025-06-12 |
| CVE-2025-4678 | Remote Code Execution leads to Command Injection — Pandora ITSM | 9.8 (AI) | Critical (AI) | 2025-06-10 |
| CVE-2025-4653 | Remote Code Execution leads to Command Injection — Pandora ITSM | 9.8 (AI) | Critical (AI) | 2025-06-10 |
| CVE-2025-5836 | Tenda AC9 POST Request SetIPTVCfg formSetIptv command injection — AC9 | 6.3 | Medium | 2025-06-07 |
| CVE-2025-22481 | QTS, QuTS hero — QTS | 8.8 (AI) | High (AI) | 2025-06-06 |
| CVE-2025-5763 | Tenda CP3 apollo sub_F3C8C command injection — CP3 | 4.7 | Medium | 2025-06-06 |
| CVE-2025-5695 | Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection — AX8 | 4.7 | Medium | 2025-06-05 |
| CVE-2025-5606 | Tenda AC18 SetIPTVCfg formSetIptv command injection — AC18 | 6.3 | Medium | 2025-06-04 |
| CVE-2025-20278 | Cisco Unified Communications Products Command Injection Vulnerability — Cisco Finesse | 6.0 | Medium | 2025-06-04 |
| CVE-2025-5515 | TOTOLINK X2000R formMapDel command injection — X2000R | 6.3 | Medium | 2025-06-03 |
| CVE-2025-5504 | TOTOLINK X2000R formWsc command injection — X2000R | 6.3 | Medium | 2025-06-03 |

Vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) account for 1157 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.