CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-34093 | Polycom HDX Series Telnet Command Injection via lan traceroute — HDX Series | 8.8 (AI) | High (AI) | 2025-07-10 |
| CVE-2025-34101 | Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter — Media Server | 9.8 (AI) | Critical (AI) | 2025-07-10 |
| CVE-2025-34099 | VICIdial vicidial_sales_viewer.php Unauthenticated Command Injection via Basic Auth Password — VICIdial | 9.8 (AI) | Critical (AI) | 2025-07-10 |
| CVE-2025-53542 | Kubernetes Headlamp Allows Arbitrary Command Injection in macOS Process headlamp@codeSign — headlamp | 7.8 | High | 2025-07-10 |
| CVE-2025-46334 | Git GUI malicious command injection on Windows — git-gui | 8.6 | High | 2025-07-10 |
| CVE-2025-27614 | Gitk allows arbitrary command execution — gitk | 8.6 | High | 2025-07-10 |
| CVE-2025-27613 | Gitk can create and truncate files in the user's home directory — gitk | 3.6 | Low | 2025-07-10 |
| CVE-2025-7407 | Netgear D6400 diag.cgi os command injection — D6400 | 6.3 | Medium | 2025-07-10 |
| CVE-2025-6514 | OS command injection in mcp-remote when connecting to untrusted MCP servers | 9.6 | Critical | 2025-07-09 |
| CVE-2025-3499 | Unauthenticated execution of arbitrary commands in Radiflow iSAP Smart Collector — iSAP Smart Collector | 10.0 | Critical | 2025-07-09 |
| CVE-2025-49537 | ColdFusion \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusion | 7.9 | High | 2025-07-08 |
| CVE-2025-6771 | OS command injection in Ivanti Endpoint Manager — Endpoint Manager Mobile | 7.2 | High | 2025-07-08 |
| CVE-2025-6770 | OS command injection in Ivanti Endpoint Manager — Endpoint Manager Mobile | 7.2 | High | 2025-07-08 |
| CVE-2025-25269 | Local Privilege Escalation via Unauthenticated Command Injection — CHARX SEC-3150 | 8.4 | High | 2025-07-08 |
| CVE-2025-7154 | TOTOLINK N200RE cstecgi.cgi sub_41A0F8 os command injection — N200RE | 6.3 | Medium | 2025-07-08 |
| CVE-2025-20319 | Remote Command Execution through Scripted Input Files in Splunk Enterprise — Splunk Enterprise | 6.8 | Medium | 2025-07-07 |
| CVE-2025-53376 | Dokploy allows attackers to run arbitrary OS commands on the Dokploy host. — dokploy | 8.8 (AI) | High (AI) | 2025-07-07 |
| CVE-2025-3705 | OS Command Injection via USB Config Load — FDS102 | 6.8 | Medium | 2025-07-07 |
| CVE-2025-3626 | OS Command Injection via Config Upload in WebUI — FDS102 | 9.1 | Critical | 2025-07-07 |
| CVE-2025-48501 | Nimesa Backup and Recovery OS Command Injection Vulnerability — Nimesa Backup and Recovery | 9.8 (AI) | Critical (AI) | 2025-07-07 |
| CVE-2025-7145 | TeamT5\|ThreatSonar Anti-Ransomware - OS Command Injection — ThreatSonar Anti-Ransomware | 7.2 | High | 2025-07-07 |
| CVE-2025-7097 | Comodo Internet Security Premium Manifest File cis_update_x64.xml os command injection — Internet Security Premium | 8.1 | High | 2025-07-06 |
| CVE-2025-7083 | Belkin F9K1122 webs mp os command injection — F9K1122 | 6.3 | Medium | 2025-07-06 |
| CVE-2025-7082 | Belkin F9K1122 webs formBSSetSitesurvey os command injection — F9K1122 | 6.3 | Medium | 2025-07-06 |
| CVE-2025-7081 | Belkin F9K1122 webs formSetWanStatic os command injection — F9K1122 | 6.3 | Medium | 2025-07-06 |
| CVE-2025-47228 | Scriptcase OS Command Injection Vulnerability — ScriptCase | 6.7 | Medium | 2025-07-05 |
| CVE-2025-34087 | Pi-Hole AdminLTE Whitelist (now 'Web Allowlist') Remote Command Execution — Web | 7.2 (AI) | High (AI) | 2025-07-03 |
| CVE-2025-34088 | Pandora FMS Authenticated Remote Code Execution via Ping Module — Pandora FMS | 8.8 (AI) | High (AI) | 2025-07-03 |
| CVE-2025-34082 | IGEL OS Secure Terminal and Secure Shadow Remote Code Execution — OS | 9.8 (AI) | Critical (AI) | 2025-07-03 |
| CVE-2025-20308 | Cisco Spaces Connector Privilege Escalation Vulnerability — Cisco DNA Spaces Connector | 6.0 | Medium | 2025-07-02 |

Vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.