Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2659

2659 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-1036 Hitachi TropOS 4th Gen 操作系统命令注入漏洞 — TropOS 4th Gen 8.8AIHighAI2025-10-28
CVE-2025-12296 D-Link DAP-2695 Firmware Update sub_4174B0 os command injection — DAP-2695 4.7 Medium2025-10-27
CVE-2025-10680 OpenVPN 安全漏洞 — OpenVPN 8.8 -2025-10-24
CVE-2025-6978 Diagnostics command injection vulnerability — Arista Edge Threat Management - Arista Next Generation Firewall 7.2 High2025-10-23
CVE-2016-15048 AMTT HiBOS Command Injection RCE via server_ping.php — Hotel Broadband Operation System (HiBOS) 9.8AICriticalAI2025-10-22
CVE-2024-58274 Hikvision CSMP iSecure Center 安全漏洞 — CSMP iSecure Center 8.3 High2025-10-22
CVE-2025-8078 Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞 — ATP series firmware 7.2 High2025-10-21
CVE-2025-7850 Authenticated OS command execution — Omada gateways 7.2AIHighAI2025-10-21
CVE-2025-6542 OS command injection in multiple parameters — Omada gateways 9.8AICriticalAI2025-10-21
CVE-2025-6541 OS command injection using information obtained from the web management interface — Omada gateways 7.2AIHighAI2025-10-21
CVE-2018-25118 GeoVision Command Injection RCE via /PictureCatch.cgi — GV-BX1500 9.8AICriticalAI2025-10-20
CVE-2025-47901 RCE on restore configuration password — Time Provider 4100 9.8AICriticalAI2025-10-20
CVE-2025-47900 RCE on backup configuration password — Time Provider 4100 9.8AICriticalAI2025-10-20
CVE-2025-11900 HGiga|iSherlock - OS Command Injection — iSherlock 4.5 9.8 Critical2025-10-17
CVE-2025-34514 Ilevia EVE X1 Server 4.7.18.0.eden Authenticated Command Injection — EVE X1 Server 8.8AIHighAI2025-10-16
CVE-2025-34513 Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Command Injection — EVE X1 Server 9.8AICriticalAI2025-10-16
CVE-2025-53868 BIG-IP SCP and SFTP vulnerability — BIG-IP 8.7 High2025-10-15
CVE-2025-60013 F5OS-A FIPS HSM password vulnerability — F5OS - Appliance 4.6 Medium2025-10-15
CVE-2023-7304 Ruijie RG-UAC nmc_sync.php Command Injection — RG-UAC 9.8AICriticalAI2025-10-15
CVE-2023-7311 BYTEVALUE Intelligent Flow Control Router Command Injection — Flow Control Router 10.0AICriticalAI2025-10-15
CVE-2025-59051 FreePBX Endpoint Manager command injection via Network Scanning feature — endpoint 8.8AIHighAI2025-10-14
CVE-2024-48891 Fortinet FortiSOAR 操作系统命令注入漏洞 — FortiSOAR on-premise 6.6 High2025-10-14
CVE-2025-5946 RCE via the poller reload feature available only to user with high privilege — Infra Monitoring 7.2 High2025-10-14
CVE-2025-10985 Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager Mobile 7.2 High2025-10-14
CVE-2025-10243 Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager Mobile 7.2 High2025-10-14
CVE-2025-10242 Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager Mobile 7.2 High2025-10-14
CVE-2025-47856 Fortinet FortiVoice 操作系统命令注入漏洞 — FortiVoice 7.2 High2025-10-14
CVE-2025-9976 OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x — Station Launcher App in 3DEXPERIENCE platform 9.0 Critical2025-10-13
CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection — DAP-2695 4.7 Medium2025-10-13
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller — Site Controller 6610 8.4 High2025-10-13

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.