Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2664

2664 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-10242 Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager Mobile 7.2 High2025-10-14
CVE-2025-47856 Fortinet FortiVoice 操作系统命令注入漏洞 — FortiVoice 7.2 High2025-10-14
CVE-2025-9976 OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x — Station Launcher App in 3DEXPERIENCE platform 9.0 Critical2025-10-13
CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection — DAP-2695 4.7 Medium2025-10-13
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller — Site Controller 6610 8.4 High2025-10-13
CVE-2016-15047 AVTECH CloudSetup.cgi Authenticated Command Injection — IP Camera, NVR, and DVR Devices 8.8AIHighAI2025-10-09
CVE-2025-60006 Junos OS Evolved: OS command injection vulnerabilities fixed — Junos OS Evolved 5.3 Medium2025-10-09
CVE-2025-10239 Unintended command execution via troubleshooting scripts in Progress Flowmon — Flowmon 7.2 High2025-10-09
CVE-2025-11491 wonderwhy-er DesktopCommanderMCP command-manager.ts CommandManager os command injection — DesktopCommanderMCP 6.3 Medium2025-10-08
CVE-2025-11490 wonderwhy-er DesktopCommanderMCP Absolute Path command-manager.ts extractBaseCommand os command injection — DesktopCommanderMCP 6.3 Medium2025-10-08
CVE-2025-11407 D-Link DI-7001 MINI upgrade_filter.asp os command injection — DI-7001 MINI 6.3 Medium2025-10-07
CVE-2025-36566 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-36569 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-36567 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-43908 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.4 Medium2025-10-07
CVE-2025-43911 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-43906 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-43890 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-54404 Planet WGR-500 安全漏洞 — WGR-500 8.8 High2025-10-07
CVE-2025-54403 Planet WGR-500 安全漏洞 — WGR-500 8.8 High2025-10-07
CVE-2025-54406 Planet WGR-500 安全漏洞 — WGR-500 8.8 High2025-10-07
CVE-2025-54405 Planet WGR-500 安全漏洞 — WGR-500 8.8 High2025-10-07
CVE-2025-36354 IBM Security Verify Access command execution — Security Verify Access Appliance 7.3 High2025-10-06
CVE-2025-11285 samanhappy MCPHub serverController.ts os command injection — MCPHub 6.3 Medium2025-10-05
CVE-2025-47212 QTS, QuTS hero — QTS 7.2 -2025-10-03
CVE-2025-61591 Cursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code Execution — cursor 8.8 High2025-10-03
CVE-2025-10659 MegaSys Enterprises Telenium Online Web Application OS Command Injection — Telenium Online Web Application: 9.8 Critical2025-09-30
CVE-2025-11148 check-branches 安全漏洞 — check-branches 9.8 Critical2025-09-30
CVE-2025-9762 Post By Email <= 1.0.4b - Unauthenticated Arbitrary File Upload via Email Attachments — Post By Email 9.8 Critical2025-09-30
CVE-2025-36245 IBM InfoSphere Information Server command execution — InfoSphere Information Server 8.8 High2025-09-29

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2664 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.