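CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')). AI Chinese analysis included.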

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-68433 | Zed IDE MCP Context Server Configuration Arbitrary Code Execution — zed | 7.8 | High | 2025-12-17 |
| CVE-2025-68432 | Zed IDE LSP Binary Configuration Arbitrary Code Execution — zed | 7.8 | High | 2025-12-17 |
| CVE-2025-14707 | Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server command injection — sgwbox N3 | 9.8 | Critical | 2025-12-15 |
| CVE-2025-14706 | Shiguangwu sgwbox N3 NETREBOOT http_eshell_server command injection — sgwbox N3 | 9.8 | Critical | 2025-12-15 |
| CVE-2025-14705 | Shiguangwu sgwbox N3 SHARESERVER Feature command injection — sgwbox N3 | 9.8 | Critical | 2025-12-15 |
| CVE-2025-14659 | D-Link DIR-860LB1/DIR-868LB1 DHCP command injection — DIR-860LB1 | 8.8 | High | 2025-12-14 |
| CVE-2025-14648 | DedeBIZ catalog_add.php command injection — DedeBIZ | 4.7 | Medium | 2025-12-14 |
| CVE-2025-67728 | Fireshare Public Uploads feature is vulnerable to OS Command Injection (RCE) — fireshare | 9.8 | Critical | 2025-12-12 |
| CVE-2025-67508 | gardenctl is vulnerable to Command Injection when used with non‑POSIX shells — gardenctl-v2 | 6.0 AI | Medium AI | 2025-12-12 |
| CVE-2025-14485 | EFM ipTIME A3004T Administrator Password timepro.cgi show_debug_screen command injection — ipTIME A3004T | 5.0 | Medium | 2025-12-11 |
| CVE-2025-67511 | Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool — cai | 9.7 | Critical | 2025-12-10 |
| CVE-2025-54100 | PowerShell Remote Code Execution Vulnerability — Windows 10 Version 1607 | 7.8 | High | 2025-12-09 |
| CVE-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability — GitHub Copilot Plugin for JetBrains IDEs | 8.4 | High | 2025-12-09 |
| CVE-2025-40937 | Siemens SIMATIC CN 4100 Command Injection Vulnerability — SIMATIC CN 4100 | 8.3 | High | 2025-12-09 |
| CVE-2024-56837 | Siemens RUGGEDCOM ROX II Command Injection Vulnerability — RUGGEDCOM ROX MX5000 | 7.2 | High | 2025-12-09 |
| CVE-2024-56836 | Siemens RUGGEDCOM ROX II Command Injection Vulnerability — RUGGEDCOM ROX MX5000 | 7.5 | High | 2025-12-09 |
| CVE-2025-14276 | Ilevia EVE X1 Server leaf_search.php command injection — EVE X1 Server | 5.6 | Medium | 2025-12-08 |
| CVE-2025-14225 | D-Link DCS-930L alphapd setSystemAdmin command injection — DCS-930L | 6.3 | Medium | 2025-12-08 |
| CVE-2025-14208 | D-Link DIR-823X set_wan_settings sub_415028 command injection — DIR-823X | 6.3 | Medium | 2025-12-08 |
| CVE-2025-14188 | UGREEN DH2100+ nas_svr create handler_file_backup_create command injection — DH2100+ | 7.2 | High | 2025-12-07 |
| CVE-2025-14184 | SGAI Space1 NAS N1211DS gsaiagent JSONAPI NGNIX_UPLOAD command injection — Space1 NAS N1211DS | 6.3 | Medium | 2025-12-07 |
| CVE-2025-14108 | ZSPACE Q2C NAS HTTP POST Request open zfilev2_api.OpenSafe command injection — Q2C NAS | 8.8 | High | 2025-12-05 |
| CVE-2025-14107 | ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection — Q2C NAS | 8.8 | High | 2025-12-05 |
| CVE-2025-14106 | ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection — Q2C NAS | 8.8 | High | 2025-12-05 |
| CVE-2025-1910 | WatchGuard Mobile VPN with SSL Local Privilege Escalation via Update Package — Mobile VPN with SSL Client | 7.8 AI | High AI | 2025-12-04 |
| CVE-2025-66404 | mcp-server-kubernetes potential security issue in exec_in_pod tool — mcp-server-kubernetes | 6.4 | Medium | 2025-12-03 |
| CVE-2025-66032 | Claude Code Command Validation Bypass Allows Arbitrary Code Execution — claude-code | 8.4 AI | High AI | 2025-12-03 |
| CVE-2025-66399 | SNMP Command Injection leads to RCE in Cacti — cacti | 8.8 AI | High AI | 2025-12-02 |
| CVE-2025-13800 | ADSLR NBR1005GPEV2 send_order.cgi set_mesh_disconnect command injection — NBR1005GPEV2 | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13799 | ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_del command injection — NBR1005GPEV2 | 6.3 | Medium | 2025-12-01 |

Vulnerabilities classified as CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.