Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2659

2659 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-50691 MiniDVBLinux 5.4 Remote Root Command Execution via commands.sh — MiniDVBLinux 9.8 Critical2025-12-30
CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection — W6-S 6.3 Medium2025-12-30
CVE-2025-66203 StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection — StreamVault 10.0 Critical2025-12-26
CVE-2025-68922 OpenOps 操作系统命令注入漏洞 — OpenOps 7.4 High2025-12-24
CVE-2019-25255 VideoFlow Digital Video Protection DVP 2.10 Authenticated Remote Code Execution — VideoFlow Digital Video Protection DVP 4.3 Medium2025-12-24
CVE-2019-25243 FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test — FaceSentry Access Control System 8.8 High2025-12-24
CVE-2018-25143 Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service — Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak 8.8 High2025-12-24
CVE-2025-43876 iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - get8021xSettings — iSTAR Ultra, iSTAR Ultra SE 9.8AICriticalAI2025-12-24
CVE-2025-43875 iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - getOptionsInfo — iSTAR Ultra, iSTAR Ultra SE 8.8AIHighAI2025-12-24
CVE-2025-66213 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in File Storage Directory Mount Path — coolify 9.9AICriticalAI2025-12-23
CVE-2025-66212 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in Dynamic Proxy Configuration Filename — coolify 8.8AIHighAI2025-12-23
CVE-2025-66211 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in PostgreSQL Init Script Filename — coolify 8.8AIHighAI2025-12-23
CVE-2025-66210 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in Database Import — coolify 8.8AIHighAI2025-12-23
CVE-2025-13700 DreamFactory saveZipFile Command Injection Remote Code Execution Vulnerability — DreamFactory 8.8AIHighAI2025-12-23
CVE-2025-66209 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in Database Backup — coolify 10.0 Critical2025-12-23
CVE-2025-14500 IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability — IceWarp 9.8AICriticalAI2025-12-23
CVE-2023-53963 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Remote Command Injection — Impact/Pulse/First 9.8 Critical2025-12-22
CVE-2023-53981 PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection — PhotoShow 7.2 High2025-12-22
CVE-2023-53948 Lilac-Reloaded for Nagios 2.0.8 Remote Code Execution via Autodiscovery — Lilac-Reloaded 9.8 Critical2025-12-19
CVE-2023-53945 BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation — BrainyCP 8.8 High2025-12-19
CVE-2025-11774 Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64 — GENESIS64 8.2 High2025-12-19
CVE-2023-53941 EasyPHP Webserver 14.1 Remote Code Execution — EasyPHP Webserver 9.8 Critical2025-12-18
CVE-2025-14737 Command Injection Vulnerability in TP-Link WA850RE — WA850RE 8.0AIHighAI2025-12-18
CVE-2025-65008 OS Command Injection in WODESYS WD-R608U router — WD-R608U 8.8AIHighAI2025-12-18
CVE-2025-68459 Ruijie AP180 series 操作系统命令注入漏洞 — AP180-PE V3.xx 7.2 High2025-12-18
CVE-2025-68109 ChurchCRM vulnerable to RCE with database restore functionality — CRM 9.1 Critical2025-12-17
CVE-2025-43873 iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce — iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 9.8AICriticalAI2025-12-17
CVE-2025-68154 Command Injection in fsSize() on Windows — systeminformation 8.1 High2025-12-16
CVE-2023-53872 Wp2Fac 1.0 OS Command Injection via send.php Endpoint — Wp2Fac 9.8AICriticalAI2025-12-15
CVE-2025-14586 TOTOLINK X5000R cstecgi.cgi snprintf os command injection — X5000R 6.3 Medium2025-12-13

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.