Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-1638 Tenda AC21 mDMZSetCfg command injection — AC21 6.3 Medium2026-01-29
CVE-2026-1625 D-Link DWR-M961 SMS Message formSmsManage sub_4250E0 command injection — DWR-M961 6.3 Medium2026-01-29
CVE-2026-1624 D-Link DWR-M961 formLtefotaUpgradeFibocom command injection — DWR-M961 6.3 Medium2026-01-29
CVE-2026-25046 [Kimi VS Code] Command Injection in publish scripts vsix-publish.js and ovsx-publish.js — kimi-agent-sdk 2.9 Low2026-01-29
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build — inspektor-gadget 9.1AICriticalAI2026-01-29
CVE-2026-1623 Totolink A7000R cstecgi.cgi setUpgradeFW command injection — A7000R 6.3 Medium2026-01-29
CVE-2026-1601 Totolink A7000R cstecgi.cgi setUploadUserData command injection — A7000R 6.3 Medium2026-01-29
CVE-2026-1596 D-Link DWR-M961 formLtefotaUpgradeQuectel sub_419920 command injection — DWR-M961 6.3 Medium2026-01-29
CVE-2026-1548 Totolink A7000R cstecgi.cgi CloudACMunualUpdateUserdata command injection — A7000R 6.3 Medium2026-01-28
CVE-2026-1547 Totolink A7000R cstecgi.cgi setUnloadUserData command injection — A7000R 6.3 Medium2026-01-28
CVE-2026-24685 OpenProject has Argument Injection on Repository module that allows Arbitrary File Write — openproject 7.5AIHighAI2026-01-28
CVE-2025-14756 Authenticated Command Injection Vulnerability in Archer MR600 — Archer MR600 v5.0 8.8AIHighAI2026-01-26
CVE-2016-15057 Apache Continuum: Command injection leading to RCE — Apache Continuum 8.8AIHighAI2026-01-26
CVE-2026-1419 D-Link DCS700l Web Form setDayNightMode command injection — DCS700l 4.7 Medium2026-01-26
CVE-2026-1414 Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection — Operation and Maintenance Security Management System 6.3 Medium2026-01-26
CVE-2026-1413 Sangfor Operation and Maintenance Security Management System HTTP POST Request port_validate portValidate command injection — Operation and Maintenance Security Management System 6.3 Medium2026-01-26
CVE-2026-1412 Sangfor Operation and Maintenance Security Management System HTTP POST Request get_clip_img command injection — Operation and Maintenance Security Management System 7.3 High2026-01-26
CVE-2026-24132 Orval Mock Generation Code Injection via const — orval 8.1 -2026-01-22
CVE-2026-21520 Copilot Studio Information Disclosure Vulnerability — Microsoft Copilot Studio 7.5 High2026-01-22
CVE-2026-1327 Totolink NR1800X POST Request cstecgi.cgi setTracerouteCfg command injection — NR1800X 6.3 Medium2026-01-22
CVE-2026-1326 Totolink NR1800X POST Request cstecgi.cgi setWanCfg command injection — NR1800X 6.3 Medium2026-01-22
CVE-2025-15367 POP3 command injection in user-controlled commands — CPython 9.8AICriticalAI2026-01-20
CVE-2025-15366 IMAP command injection in user-controlled commands — CPython 9.8AICriticalAI2026-01-20
CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation — orval 10.0AICriticalAI2026-01-20
CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection — Online Store Management System ネット店舗管理システム 7.3 High2026-01-19
CVE-2026-1150 Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection — LR350 6.3 Medium2026-01-19
CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection — LR350 6.3 Medium2026-01-19
CVE-2026-1125 D-Link DIR-823X set_wifidog_settings sub_412E7C command injection — DIR-823X 7.3 High2026-01-18
CVE-2026-1066 kalcaddle kodbox Compression zip command injection — kodbox 6.3 Medium2026-01-17
CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection — Bastillion 4.7 Medium2026-01-17

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.