Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-53286 Synology Router Manager 操作系统命令注入漏洞 — Synology Router Manager (SRM) 7.2 High2025-07-23
CVE-2025-43020 Poly Clariti Manager - Multiple Security Vulnerabilities — Poly Clariti Manager 7.2 -2025-07-22
CVE-2025-54072 yt-dlp allows `--exec` command injection when using placeholder on Windows — yt-dlp 7.5 High2025-07-22
CVE-2025-7724 Unauthenticated command injection on VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2 — VIGI NVR1104H-4P V1 9.8 -2025-07-22
CVE-2025-7723 Authenticated command injection on VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2 — VIGI NVR1104H-4P V1 8.8 -2025-07-22
CVE-2025-53472 ELECOM WRC-BE36QS-B和ELECOM WRC-W701-B 操作系统命令注入漏洞 — WRC-BE36QS-B 7.2 High2025-07-22
CVE-2025-7382 Sophos Firewall 安全漏洞 — Sophos Firewall 8.8 High2025-07-21
CVE-2025-6704 Sophos Firewall 安全漏洞 — Sophos Firewall 9.8 Critical2025-07-21
CVE-2025-41675 Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization — mbNET.mini 7.2 High2025-07-21
CVE-2025-41674 Remote Command Injection in diagnostic Action Due to Improper Input Neutralization — mbNET.mini 7.2 High2025-07-21
CVE-2025-41673 Remote Command Injection in send_sms Action Due to Improper Input Neutralization — mbNET.mini 7.2 High2025-07-21
CVE-2025-54314 Thor 操作系统命令注入漏洞 — Thor 2.8 Low2025-07-20
CVE-2025-7788 Xuxueli xxl-job SampleXxlJob.java commandJobHandler os command injection — xxl-job 6.3 Medium2025-07-18
CVE-2025-34132 LILIN DVR Command Injection via NTPUpdate in dvr_box — DVR Firmware 9.8AICriticalAI2025-07-16
CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration — DVR Firmware 7.2AIHighAI2025-07-16
CVE-2025-34125 D-Link DSP-W110A1 Cookie Command Injection — DSP-W110A1 9.8AICriticalAI2025-07-16
CVE-2025-34103 WePresent WiPG-1000 Unauthenticated Command Injection in via rdfs.cgi — WiPG-1000 9.8AICriticalAI2025-07-15
CVE-2025-34115 OP5 Monitor <= 7.1.9 Authenticated Command Execution via command_test.php — OP5 Monitor 8.8AIHighAI2025-07-15
CVE-2025-34116 IPFire < 2.19 Core Update 101 proxy.cgi RCE — IPFire 8.8AIHighAI2025-07-15
CVE-2025-53818 github-kanban-mcp-server Command Injection vulnerability — github-kanban-mcp-server 9.8AICriticalAI2025-07-14
CVE-2025-53623 Job Iteration API is vulnerable to OS Command Injection attack through its CsvEnumerator class — job-iteration 8.8AIHighAI2025-07-14
CVE-2025-7451 Hgiga|iSherlock - OS Command Injection — iSherlock-maillog-4.5 9.8 Critical2025-07-14
CVE-2025-7553 D-Link DIR-818LW System Time Page os command injection — DIR-818LW 4.7 Medium2025-07-13
CVE-2025-52988 Junos OS and Junos OS Evolved: Privilege escalation to root via CLI command 'request system logout' — Junos OS 6.7 Medium2025-07-11
CVE-2025-50121 Schneider Electric EcoStruxure IT Data Center Expert 操作系统命令注入漏洞 — EcoStruxure™ IT Data Center Expert 9.8AICriticalAI2025-07-11
CVE-2025-52994 phpThumb 操作系统命令注入漏洞 — phpThumb 4.9 Medium2025-07-11
CVE-2013-3307 Linksys多款产品 操作系统命令注入漏洞 — E1000 8.3 High2025-07-11
CVE-2025-53637 Meshtastic allows Command Injection in GitHub Action — firmware 4.1 Medium2025-07-10
CVE-2025-7414 Tenda O3V2 httpd setPingInfo fromNetToolGet os command injection — O3V2 6.3 Medium2025-07-10
CVE-2025-34095 Mako Server v2.5 and v2.6 OS Command Injection via examples/save.lsp — Mako Server 9.8AICriticalAI2025-07-10

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.