Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-44960 RUCKUS SmartZone 操作系统命令注入漏洞 — SmartZone 8.5 High2025-08-04
CVE-2025-44961 RUCKUS SmartZone 操作系统命令注入漏洞 — SmartZone 9.9 Critical2025-08-04
CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals — cursor 7.2 High2025-08-01
CVE-2025-54133 Cursor's MCP Install Deeplink Does Not Show Arguments in its User-Dialog — cursor 8.1 -2025-08-01
CVE-2013-10053 ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution — ZPanel 8.8 -2025-08-01
CVE-2013-10049 Raidsonic NAS Devices Unauthenticated Remote Command Execution — IB-NAS5220 9.8 -2025-08-01
CVE-2013-10060 Netgear Routers pppoe.cgi RCE — DGN2200B 8.8 -2025-08-01
CVE-2013-10061 Netgear Routers setup.cgi RCE — DGN1000B 8.8 -2025-08-01
CVE-2013-10058 Linksys Routers apply.cgi Remote Command Injection — WRT160nv2 8.8 -2025-08-01
CVE-2013-10048 D-Link Devices command.php Unauthenticated RCE — DIR-600 9.8 -2025-08-01
CVE-2013-10050 D-Link Devices tools_vct.xgi Unauthenticated RCE — DIR-300 rev A 8.8 -2025-08-01
CVE-2013-10059 D-Link Routers tools_vct.htm OS Command Injection — DIR-615H1 8.8 -2025-08-01
CVE-2025-54595 Pearcleaner's unauthenticated access to privileged XPC helper allows root command execution — Pearcleaner 7.3 High2025-08-01
CVE-2025-8473 Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability — iLX-507 6.8 -2025-08-01
CVE-2013-10037 WebTester 5.x install2.php Unauthenticated Command Execution — WebTester 9.8AICriticalAI2025-07-31
CVE-2014-125124 Pandora FMS <= 5.0RC1 Anyterm Unauthenticated Command Injection — Pandora FMS 9.8AICriticalAI2025-07-31
CVE-2013-10039 GestioIP 3.0 ip_checkhost.cgi RCE — IPAM 8.8AIHighAI2025-07-31
CVE-2025-54430 dedupe is vulnerable to secret exfiltration via `issue_comment` — dedupe 9.1 Critical2025-07-30
CVE-2025-54418 CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability — CodeIgniter4 9.8 Critical2025-07-28
CVE-2025-53695 Johnson Controls iSTAR Ultra 安全漏洞 — iSTAR Ultra 8.8AIHighAI2025-07-28
CVE-2025-8259 Vaelsys VaelsysV4 Web interface vgrid_server.php execute_DataObjectProc os command injection — VaelsysV4 7.3 High2025-07-28
CVE-2023-53158 gix-transport crate 操作系统命令注入漏洞 — gix-transport 4.1 Medium2025-07-28
CVE-2025-54415 dag-factory's CI/CD Workflow Allows for Repository Takeover and Secret Exfiltration — dag-factory 9.8 -2025-07-26
CVE-2014-125118 eScan 5.5-2 Web Management Console Command Injection — eScan Web Management Console 8.8 -2025-07-25
CVE-2019-25224 WP Database Backup < 5.2 - Unauthenticated OS Command Injection — WP Database Backup – Unlimited Database & Files Backup by Backup for WP 9.8 Critical2025-07-25
CVE-2025-29631 Gardyn 4安全漏洞 — Home Kit Firmware 9.8 Critical2025-07-25
CVE-2025-7404 Calibre Web 0.6.24 & Autocaliweb 0.7.0 - Blind C — Calibre Web 9.8 -2025-07-24
CVE-2015-10141 Xdebug Remote Debugger Unauthenticated OS Command Execution — Xdebug 9.8 -2025-07-23
CVE-2025-41684 Weidmueller: Root Command Injection via Unsanitized Input in tls_iotgen_setting Endpoint — IE-SR-2TX-WL 8.8 High2025-07-23
CVE-2025-41683 Weidmueller: Root Command Injection via Unsanitized Input in event_mail_test Endpoint — IE-SR-2TX-WL 8.8 High2025-07-23

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.