Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2664

2664 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-59359 OS command injection in Chaos Mesh via the cleanTcs mutation 9.8 Critical2025-09-15
CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection — AC9 6.3 Medium2025-09-15
CVE-2025-10441 D-Link DI-8100G/DI-8200G/DI-8003G jhttpd version_upgrade.asp sub_433F7C os command injection — DI-8100G 6.3 Medium2025-09-15
CVE-2025-10440 D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection — DI-8100 6.3 Medium2025-09-15
CVE-2025-59377 mcp-kubernetes-server 安全漏洞 — mcp-kubernetes-server 3.7 Low2025-09-15
CVE-2025-10359 Wavlink WL-WN578W2 wireless.cgi sub_404DBC os command injection — WL-WN578W2 7.3 High2025-09-13
CVE-2025-10358 Wavlink WL-WN578W2 wireless.cgi sub_404850 os command injection — WL-WN578W2 7.3 High2025-09-13
CVE-2025-10328 MiczFlor RPi-Jukebox-RFID playsinglefile.php os command injection — RPi-Jukebox-RFID 6.3 Medium2025-09-12
CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection — RPi-Jukebox-RFID 6.3 Medium2025-09-12
CVE-2025-10326 MiczFlor RPi-Jukebox-RFID single.php os command injection — RPi-Jukebox-RFID 6.3 Medium2025-09-12
CVE-2025-27234 Zabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0. — Zabbix 9.8 -2025-09-12
CVE-2025-10265 Digiever|NVR - OS Command Injection — DS-1200 8.8 High2025-09-12
CVE-2025-43885 Dell PowerProtect Data Manager 操作系统命令注入漏洞 — PowerProtect Data Manager 7.8 High2025-09-10
CVE-2025-43884 Dell PowerProtect Data Manager 操作系统命令注入漏洞 — PowerProtect Data Manager 8.2 High2025-09-10
CVE-2025-9997 Schneider Electric Saitel DR RTU 操作系统命令注入漏洞 — Saitel DR RTU 8.0AIHighAI2025-09-09
CVE-2025-9996 Schneider Electric Saitel DR RTU 操作系统命令注入漏洞 — Saitel DR RTU 8.8AIHighAI2025-09-09
CVE-2025-23344 NVIDIA NVDebug 操作系统命令注入漏洞 — NVDebug tool 7.3 High2025-09-09
CVE-2025-54084 Calix Gigacenter ONT - Command Injection — GigaCenter ONT 7.2AIHighAI2025-09-09
CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection — Tautulli 8.1 High2025-09-09
CVE-2025-58180 OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload — OctoPrint 8.8AIHighAI2025-09-09
CVE-2025-55048 Baicells多款产品 操作系统命令注入漏洞 — NEUTRINO430, NOVA436Q, NOVA430e/430i, NOVA846, NOVA246, NOVA243, NOVA233, NOVA227 9.8 Critical2025-09-09
CVE-2024-45325 Fortinet FortiDDoS-F 操作系统命令注入漏洞 — FortiDDoS-F 6.5 Medium2025-09-09
CVE-2025-54994 @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API — create-mcp-server-stdio 9.8AICriticalAI2025-09-08
CVE-2025-58374 Roo Code: Auto-approve allows npm install execution of malicious postinstall scripts — Roo-Code 7.8 High2025-09-06
CVE-2025-58371 Roo Code is vulnerable to command injection via GitHub actions workflow — Roo-Code 8.8AIHighAI2025-09-05
CVE-2025-58370 Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference — Roo-Code 8.1 High2025-09-05
CVE-2025-55037 TkEasyGUI 操作系统命令注入漏洞 — TkEasyGUI 9.8AICriticalAI2025-09-05
CVE-2025-8613 Vacron Camera ping Command Injection Remote Code Execution Vulnerability — Camera 8.8 -2025-09-02
CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup) — Extension "TYPO3 Backup Plus" 9.8AICriticalAI2025-09-02
CVE-2025-57799 StreamVault can perform remote command execution — StreamVault 8.8AIHighAI2025-09-01

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2664 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.