Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2664

2664 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-54857 Seikou202fSolutions SkyBridge BASIC MB-A130 操作系统命令注入漏洞 — SkyBridge BASIC MB-A130 9.8 -2025-09-01
CVE-2025-9752 D-Link DIR-852 SOAP Service soap.cgi soapcgi_main os command injection — DIR-852 7.3 High2025-09-01
CVE-2025-9745 D-Link DI-500WF jhttpd version_upgrade.asp os command injection — DI-500WF 4.7 Medium2025-08-31
CVE-2025-9727 D-Link DIR-816L soap.cgi soapcgi_main os command injection — DIR-816L 6.3 Medium2025-08-31
CVE-2009-20010 Dogfood CRM spell.php RCE — Dogfood CRM 9.8 -2025-08-30
CVE-2005-10004 Cacti graph_view.php RCE via graph_start Parameter Injection — Cacti 8.8 -2025-08-30
CVE-2025-9377 Authenticated RCE via Parental Control command injection — Archer C7(EU) V2 8.8 -2025-08-29
CVE-2025-53508 iND多款产品 操作系统命令注入漏洞 — HL330-DLS (for module MC7700) 8.8 -2025-08-29
CVE-2025-58062 LSTM-Kirigaya's openmcp-client Vulnerable to RCE in MCP Authorization Flow — openmcp-client 8.0AIHighAI2025-08-28
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection — BL-X26 6.3 Medium2025-08-28
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection — BL-X26 6.3 Medium2025-08-28
CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection — RE6250 6.3 Medium2025-08-28
CVE-2025-58059 Valtimo scripting engine can be used to gain access to sensitive data or resources — valtimo-backend-libraries 9.1 Critical2025-08-28
CVE-2018-25115 D-Link DIR-110/412/600/615/645/815 RCE via service.cgi — DIR-110 9.8AICriticalAI2025-08-27
CVE-2024-13985 Dahua EIMS capture_handle.action RCE — EIMS 9.8AICriticalAI2025-08-27
CVE-2025-34160 AnyShare ServiceAgent API Unauthenticated RCE — AnyShare 9.8AICriticalAI2025-08-27
CVE-2025-34161 Coolify Git Repository Field Command Injection in Project Deployment Workflow — Coolify 8.8AIHighAI2025-08-27
CVE-2025-20292 Cisco NXOS Software Command Injection Vulnerability — Cisco NX-OS Software 4.4 Medium2025-08-27
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability — Cisco Unified Computing System (Managed) 6.0 Medium2025-08-27
CVE-2025-20294 Cisco UCS Manager Software Command Injection Vulnerability — Cisco Unified Computing System (Managed) 6.5 Medium2025-08-27
CVE-2025-9528 Linksys E1700 systemCommand os command injection — E1700 4.7 Medium2025-08-27
CVE-2025-50989 OPNsense 安全漏洞 — OPNsense 9.1 Critical2025-08-27
CVE-2025-9424 Ruijie WS7204-A branch_import.php os command injection — WS7204-A 4.7 Medium2025-08-25
CVE-2025-9387 DCN DCME-720 Web Management Backend ip_block.php os command injection — DCME-720 6.3 Medium2025-08-24
CVE-2025-57771 Roo-Code potential remote code execution via auto-execute command parsing flaw — Roo-Code 8.1 High2025-08-22
CVE-2025-3128 Mitsubishi Electric Europe smartRTU OS Command Injection — smartRTU 9.8 Critical2025-08-21
CVE-2025-9262 wong2 mcp-cli oAuth provider.js redirectToAuthorization os command injection — mcp-cli 5.6 Medium2025-08-20
CVE-2025-9244 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 addStaticRoute os command injection — RE6250 6.3 Medium2025-08-20
CVE-2025-6183 Configd Injection — sdm-cli 7.5AIHighAI2025-08-20
CVE-2025-6181 StrongDM Client 安全漏洞 — sdm-cli 7.8AIHighAI2025-08-20

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2664 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.