CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-3266	Cisco SD-WAN Solution Command Injection Vulnerability — Cisco SD-WAN Solution	7.8	-	2020-03-19
CVE-2020-1980	PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands — PAN-OS	7.8	High	2020-03-11
CVE-2020-3176	Cisco Remote PHY Device Software Command Injection Vulnerability — Cisco Remote PHY	6.7	-	2020-03-04
CVE-2019-15609	kill-port-process package 操作系统命令注入漏洞 — kill-port-process	9.8	-	2020-02-28
CVE-2019-16005	Cisco Webex Video Mesh Node Command Injection Vulnerability — Cisco Webex Video Mesh	7.2	-	2020-01-26
CVE-2019-12629	Cisco SD-WAN vManage Command Injection Vulnerability — Cisco SD-WAN Solution	8.8	-	2020-01-26
CVE-2019-17148	Corel Parallels Desktop 命令注入漏洞 — Desktop	7.8	-	2020-01-07
CVE-2019-15575	GitLab 注入漏洞 — GitLab CE/EE	9.8	-	2019-12-18
CVE-2019-15595	Ubiquiti Networks UniFi Video Controller 安全漏洞 — UniFi Video Server	7.4	-	2019-11-25
CVE-2019-15588	Sonatype Nexus Repository Manager 操作系统命令注入漏洞 — Nexus Repository Manager	7.2	-	2019-11-01
CVE-2019-11279	Privilege Escalation via Scope Manipulation in UAA — UAA Release (OSS)	8.8	-	2019-09-26
CVE-2019-11278	Privilege Escalation via Blind SCIM Injection in UAA — UAA Release (OSS)	8.8	-	2019-09-26
CVE-2019-12661	Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability — Cisco IOS XE Software	6.7	-	2019-09-25
CVE-2019-12651	Cisco IOS XE Software Web UI Command Injection Vulnerabilities — Cisco IOS XE Software 3.2.11aSG	8.8	-	2019-09-25
CVE-2019-12650	Cisco IOS XE Software Web UI Command Injection Vulnerabilities — Cisco IOS XE Software 3.2.11aSG	8.8	-	2019-09-25
CVE-2019-13552	研华 Advantech WebAccess 命令注入漏洞 — WebAccess	8.8	-	2019-09-18
CVE-2019-12805	NC Launcher 2 Arbitrary Command Injection Vulnerability — NC Launcher2	8.8	-	2019-08-09
CVE-2019-1923	Cisco Small Business SPA500 Series IP Phones Local Command Execution Vulnerability — Cisco SPA525G2 5-line IP Phone	6.6	-	2019-07-17
CVE-2019-5446	Ubiquiti Networks EdgeMAX EdgeSwitch 命令注入漏洞 — EdgeMAX	7.2	-	2019-07-10
CVE-2019-1893	Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability — Cisco Enterprise NFV Infrastructure Software	7.8	-	2019-07-06
CVE-2019-1624	Cisco SD-WAN Solution Command Injection Vulnerability — Cisco SD-WAN Solution	8.8	-	2019-06-20
CVE-2019-1623	Cisco Meeting Server CLI Command Injection Vulnerability — Cisco Meeting Server	6.7	-	2019-06-20
CVE-2019-1780	Cisco FXOS and NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-16
CVE-2019-1791	Cisco NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1795	Cisco FXOS and NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1783	Cisco NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1784	Cisco NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1790	Cisco NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1781	Cisco FXOS and NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15
CVE-2019-1782	Cisco FXOS and NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	6.7	-	2019-05-15

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149