CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-8640	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8639	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8638	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8637	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8636	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8635	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8634	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8633	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8632	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8631	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8630	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8629	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2025-8628	Kenwood DMX958XR Firmware Update Command Injection Vulnerability — DMX958XR	6.8^AI	Medium^AI	2025-08-06
CVE-2012-10028	Netwin SurgeFTP <= v23c8 Authenticated RCE — SurgeFTP	8.8^AI	High^AI	2025-08-05
CVE-2012-10033	Narcissus backend.php Image Configuration Command Injection — Narcissus	9.8^AI	Critical^AI	2025-08-05
CVE-2012-10029	Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection — Nagios XI Graph Explorer	8.8^AI	High^AI	2025-08-05
CVE-2013-10069	D-Link Devices Unauthenticated RCE — DIR-600 rev B	9.8^AI	Critical^AI	2025-08-05
CVE-2025-2611	ICTBroadcast <= 7.4 Unauthenticated Session Cookie RCE — ICTBroadcast	9.8^AI	Critical^AI	2025-08-05
CVE-2025-54987	Trend Micro Apex One 安全漏洞 — Trend Micro Apex One	9.4	Critical	2025-08-05
CVE-2025-54948	Trend Micro Apex One 安全漏洞 — Trend Micro Apex One	9.4	Critical	2025-08-05
CVE-2025-54135	Cursor Agent is vulnerable to prompt injection via MCP Special Files — cursor	8.6	High	2025-08-05
CVE-2025-54795	Claude Code echo command allowed bypass of user approval prompt for command execution — claude-code	8.3^AI	High^AI	2025-08-05
CVE-2025-34147	Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via SSID — M300 Wi-Fi Repeater	8.8^AI	High^AI	2025-08-04
CVE-2025-30099	Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release	7.8	High	2025-08-04
CVE-2025-30098	Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release	6.7	Medium	2025-08-04
CVE-2025-30097	Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release	6.7	Medium	2025-08-04
CVE-2025-30096	Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release	6.7	Medium	2025-08-04
CVE-2025-36607	Dell Unity 操作系统命令注入漏洞 — Unity	7.8	High	2025-08-04
CVE-2025-36606	Dell Unity 操作系统命令注入漏洞 — Unity	7.8	High	2025-08-04
CVE-2025-36604	Dell Unity 操作系统命令注入漏洞 — Unity	7.3	High	2025-08-04

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669