Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2653

2653 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-2151 D-Link DIR-615 DMZ Host Feature adv_firewall.php os command injection — DIR-615 7.2 High2026-02-08
CVE-2026-2143 D-Link DIR-823X DDNS Service set_ddns os command injection — DIR-823X 7.2 High2026-02-08
CVE-2026-2142 D-Link DIR-823X set_qos sub_420688 os command injection — DIR-823X 7.2 High2026-02-08
CVE-2026-2131 XixianLiang HarmonyOS-mcp-server input_text os command injection — HarmonyOS-mcp-server 6.3 Medium2026-02-08
CVE-2026-2129 D-Link DIR-823X set_ac_status os command injection — DIR-823X 7.2 High2026-02-08
CVE-2026-2120 D-Link DIR-823X Configuration Parameter set_server_settings os command injection — DIR-823X 7.2 High2026-02-08
CVE-2026-25857 Tenda G300-F Command Injection via formSetWanDiag — Tenda G300-F 8.8AIHighAI2026-02-07
CVE-2026-2084 D-Link DIR-823X set_language os command injection — DIR-823X 7.2 High2026-02-07
CVE-2026-2082 D-Link DIR-823X set_mac_clone os command injection — DIR-823X 4.7 Medium2026-02-07
CVE-2026-2081 D-Link DIR-823X set_password os command injection — DIR-823X 4.7 Medium2026-02-07
CVE-2026-25763 Command Injection on OpenProject repositories leads to Remote Code Execution — openproject 6.5AIMediumAI2026-02-06
CVE-2026-1731 Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) — Remote Support(RS) & Privileged Remote Access(PRA) 9.8AICriticalAI2026-02-06
CVE-2026-25593 OpenClaw Affected by Unauthenticated Local RCE via WebSocket config.apply — openclaw 8.4 High2026-02-06
CVE-2026-25643 Frigate Affected by Authenticated Remote Command Execution (RCE) and Container Escape — frigate 9.1 Critical2026-02-06
CVE-2026-2063 D-Link DIR-823X Web Management set_ac_server os command injection — DIR-823X 4.7 Medium2026-02-06
CVE-2025-69212 OpenSTAManager has an OS Command Injection in P7M File Processing — openstamanager 8.8AIHighAI2026-02-06
CVE-2026-2061 D-Link DIR-823X set_ipv6 sub_424D20 os command injection — DIR-823X 4.7 Medium2026-02-06
CVE-2025-64111 Gogs's update .git/config file allows remote command execution — gogs 8.8AIHighAI2026-02-06
CVE-2020-37125 Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution — EW-7438RPn Mini 9.8 Critical2026-02-05
CVE-2020-37123 Pinger 1.0 - Remote Code Execution — Pinger 9.8 Critical2026-02-05
CVE-2025-11730 Zyxel多款产品 操作系统命令注入漏洞 — ATP series firmware 7.2 High2026-02-05
CVE-2026-25546 Godot MCP is vulnerable to Command Injection via unsanitized projectPath — godot-mcp 7.8 High2026-02-04
CVE-2026-25512 Group-Office is vulnerable to RCE due to Command Injection via TNEF Attachment Handler — groupoffice 8.8AIHighAI2026-02-04
CVE-2026-25157 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand — openclaw 7.8 High2026-02-04
CVE-2026-25143 melange affected by potential host command execution via license-check YAML mode patch pipeline — melange 7.8 High2026-02-04
CVE-2026-24844 melange pipeline working-directory could allow command injection — melange 7.8 High2026-02-04
CVE-2026-21893 n8n Vulnerable to Command Injection in Community Package Installation — n8n 7.2AIHighAI2026-02-04
CVE-2026-25053 n8n is Vulnerable to OS Command Injection in Git Node — n8n 8.8AIHighAI2026-02-04
CVE-2026-24887 Claude Code has a Command Injection in find Command Bypasses User Approval Prompt — claude-code 8.3AIHighAI2026-02-03
CVE-2025-52626 HCL AION is susceptible to Potential Command Injection vulnerability — AION 4.5 Medium2026-02-03

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2653 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.