CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1063 | bastillion-io Bastillion Public Key Management System AuthKeysKtrl.java command injection — Bastillion | 4.7 | Medium | 2026-01-17 |
| CVE-2025-60021 | Apache bRPC: Remote command injection vulnerability in heap builtin service — Apache bRPC | 9.8 | - | 2026-01-16 |
| CVE-2026-0975 | DIAView - Command Injection Vulnerability — DIAView | 7.8 | High | 2026-01-16 |
| CVE-2026-22864 | Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass — deno | 8.1 | High | 2026-01-15 |
| CVE-2026-22755 | Legacy Vivotek Camera Firmware Command Injection in upload_map.cgi — Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391, FE9180, FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371, IB9381, IB9387, IB9389, IB939, IP9165, IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 | 9.8 AI | Critical AI | 2026-01-13 |
| CVE-2026-22785 | orval MCP client is vulnerable to a code injection attack. — orval | 8.2 AI | High AI | 2026-01-12 |
| CVE-2026-22688 | WeKnora has Command Injection in MCP stdio test — WeKnora | 10.0 | Critical | 2026-01-10 |
| CVE-2026-22601 | OpenProject is Vulnerable to Code Execution in E-Mail function — openproject | 7.2 | - | 2026-01-10 |
| CVE-2026-0732 | D-Link DI-8200G upgrade_filter.asp command injection — DI-8200G | 6.3 | Medium | 2026-01-08 |
| CVE-2026-0641 | TOTOLINK WA300 cstecgi.cgi sub_401510 command injection — WA300 | 6.3 | Medium | 2026-01-06 |
| CVE-2025-64424 | Coolify has command injection vulnerability in project git source — coolify | 8.8 | - | 2026-01-05 |
| CVE-2025-64419 | Coolify vulnerable to command injection via docker-compose.yaml parameters — coolify | 9.7 | Critical | 2026-01-05 |
| CVE-2026-0581 | Tenda AC1206 httpd BehaviorManager formBehaviorManager command injection — AC1206 | 6.3 | Medium | 2026-01-05 |
| CVE-2025-15391 | D-Link DIR-806A SSDP Request ssdpcgi_main command injection — DIR-806A | 6.3 | Medium | 2025-12-31 |
| CVE-2025-15357 | D-Link DI-7400G+ msp_info.htm command injection — DI-7400G+ | 6.3 | Medium | 2025-12-30 |
| CVE-2025-69256 | serverless MCP Server vulnerable to command injection in list-projects tool — serverless | 7.5 | High | 2025-12-30 |
| CVE-2025-15257 | Edimax BR-6208AC Web-based Configuration formRoute command injection — BR-6208AC | 7.3 | High | 2025-12-30 |
| CVE-2025-15256 | Edimax BR-6208AC Web-based Configuration formStaDrvSetup command injection — BR-6208AC | 7.3 | High | 2025-12-30 |
| CVE-2025-69201 | Tugtainer has RCE in Agent Command Execution Api — tugtainer | 8.8 | - | 2025-12-29 |
| CVE-2025-15192 | D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection — DWR-M920 | 6.3 | Medium | 2025-12-29 |
| CVE-2025-15191 | D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 command injection — DWR-M920 | 6.3 | Medium | 2025-12-29 |
| CVE-2025-15139 | TRENDnet TEW-822DRE formWsc sub_43ACF4 command injection — TEW-822DRE | 6.3 | Medium | 2025-12-28 |
| CVE-2025-15137 | TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934 command injection — TEW-800MB | 8.8 | High | 2025-12-28 |
| CVE-2025-15136 | TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection — TEW-800MB | 8.8 | High | 2025-12-28 |
| CVE-2025-15133 | ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_CloseSafe command injection — Z4Pro+ | 6.3 | Medium | 2025-12-28 |
| CVE-2025-15132 | ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection — Z4Pro+ | 6.3 | Medium | 2025-12-28 |
| CVE-2025-15131 | ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_SafeStatus command injection — Z4Pro+ | 6.3 | Medium | 2025-12-28 |
| CVE-2025-15081 | JD Cloud BE6500 jdcapi sub_4780 command injection — Cloud BE6500 | 6.3 | Medium | 2025-12-25 |
| CVE-2025-15048 | Tenda WH450 HTTP Request CheckTools command injection — WH450 | 7.3 | High | 2025-12-23 |
| CVE-2025-14884 | D-Link DIR-605 Firmware Update Service command injection — DIR-605 | 7.2 | High | 2025-12-18 |

Vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.