CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) — Vulnerability Class 2659

2659 vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-58314 | Atcom 2.7.x.x Authenticated Command Injection via Web Configuration CGI — 100M IP Phones | 8.8 | High | 2025-12-12 |
| CVE-2024-14010 | Typora 1.7.4 OS Command Injection via Export PDF Preferences — Typora | 9.8 | Critical | 2025-12-12 |
| CVE-2024-58294 | FreePBX 16 Authenticated Remote Code Execution via API Module — FreePBX | 8.8 (AI) | High (AI) | 2025-12-11 |
| CVE-2024-58287 | reNgine 2.2.0 Authenticated Command Injection via Scan Engine Configuration — reNgine | 8.8 (AI) | High (AI) | 2025-12-11 |
| CVE-2024-58286 | dizqueTV 1.5.3 Remote Code Execution via FFMPEG Executable Path — dizqueTV | 9.8 (AI) | Critical (AI) | 2025-12-11 |
| CVE-2025-13481 | IBM Aspera Orchestrator Command Injection — Aspera Orchestrator | 8.8 | High | 2025-12-11 |
| CVE-2025-67738 | Webmin OS Command Injection Vulnerability — Webmin | 8.5 | High | 2025-12-11 |
| CVE-2025-65199 | Windscribe for Linux 'changeMTU' local privilege escalation — Windscribe for Linux Desktop App | 7.8 | High | 2025-12-10 |
| CVE-2021-47728 | Selea Targa IP Camera Remote Code Execution via Utils — Selea Targa IP OCR-ANPR Camera | 9.8 (AI) | Critical (AI) | 2025-12-09 |
| CVE-2025-53679 | Fortinet FortiSandbox OS Command Injection Vulnerability — FortiSandbox | 6.9 | High | 2025-12-09 |
| CVE-2025-53949 | Fortinet FortiSandbox OS Command Injection Vulnerability — FortiSandbox | 7.0 | High | 2025-12-09 |
| CVE-2025-64153 | Fortinet FortiExtender OS Command Injection Vulnerability — FortiExtender | 6.7 | High | 2025-12-09 |
| CVE-2025-14204 | TykoDev cherry-studio-TykoFork OAuth Server Discovery oauth-authorization-server redirectToAuthorization os command injection — cherry-studio-TykoFork | 6.3 | Medium | 2025-12-07 |
| CVE-2020-36877 | ReQuest Serious Play F3 Media Server <= 7.0.3 code execution — ReQuest Serious Play Pro | 9.8 | - | 2025-12-05 |
| CVE-2025-14094 | Edimax BR-6478AC V3 formSysCmd sub_44CCE4 os command injection — BR-6478AC V3 | 4.7 | Medium | 2025-12-05 |
| CVE-2025-14093 | Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection — BR-6478AC V3 | 4.7 | Medium | 2025-12-05 |
| CVE-2025-14092 | Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection — BR-6478AC V3 | 4.7 | Medium | 2025-12-05 |
| CVE-2025-66644 | Array Networks ArrayOS AG OS Command Injection Vulnerability — ArrayOS AG | 7.2 | High | 2025-12-05 |
| CVE-2025-66576 | Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE) — Remote Keyboard Desktop | 9.8 (AI) | Critical (AI) | 2025-12-04 |
| CVE-2025-66572 | Loaded Commerce 6.6 Client-Side Template Injection(CSTI) — Loaded Commerce | 9.8 (AI) | Critical (AI) | 2025-12-04 |
| CVE-2024-58278 | IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution — perl2exe | 7.8 (AI) | High (AI) | 2025-12-04 |
| CVE-2025-66208 | Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy — online | 8.8 (AI) | High (AI) | 2025-12-03 |
| CVE-2025-34319 | TOTOLINK N300RT <= V2.1.8-B20201030.1539 Boa formWsc RCE — N300RT | 9.8 (AI) | Critical (AI) | 2025-12-03 |
| CVE-2025-12744 | Abrt: command-injection in abrt leading to local privilege escalation | 8.8 | High | 2025-12-03 |
| CVE-2025-11787 | Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50 — Circutor | 9.8 (AI) | Critical (AI) | 2025-12-02 |
| CVE-2025-66401 | MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL — mcp-watch | 9.8 | Critical | 2025-12-01 |
| CVE-2025-35028 | HexStrike AI MCP Server Command Injection — HexStrike AI | 9.1 | Critical | 2025-11-30 |
| CVE-2025-8890 | Authenticated RCE in SDMC NE6037 router — NE6037 | 7.2 | - | 2025-11-27 |
| CVE-2025-64128 | Zenitel TCIV-3+ OS Command Injection — TCIV-3+ | 10.0 | Critical | 2025-11-26 |
| CVE-2025-64127 | Zenitel TCIV-3+ OS Command Injection — TCIV-3+ | 10.0 | Critical | 2025-11-26 |

Vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) represent 2659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.