CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-20193	Cisco IOS XE 操作系统命令注入漏洞 — Cisco IOS XE Software	6.5	Medium	2025-05-07
CVE-2025-20186	Cisco IOS XE 操作系统命令注入漏洞 — Cisco IOS XE Software	8.8	High	2025-05-07
CVE-2025-32821	SonicWALL SMA100 安全漏洞 — SMA100	7.2^AI	High^AI	2025-05-07
CVE-2025-20213	Cisco Catalyst SDWAN Manager Arbitrary File Overwrite Vulnerability — Cisco Catalyst SD-WAN Manager	5.5	Medium	2025-05-07
CVE-2025-47203	dropbear 安全漏洞 — Dropbear SSH	4.5	Medium	2025-05-07
CVE-2025-2605	Authenticated command injection — MB-Secure	9.9	Critical	2025-05-02
CVE-2024-6032	Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability — Model S	7.8^AI	High^AI	2025-04-30
CVE-2025-24351	Bosch Rexroth ctrlX OS 安全漏洞 — ctrlX OS - Device Admin	8.8	High	2025-04-30
CVE-2025-4032	inclusionAI AWorld shell_tool.py subprocess.Popen os command injection — AWorld	5.0	Medium	2025-04-28
CVE-2022-41871	SEPPmail 安全漏洞 — SEPPmail	6.0	Medium	2025-04-28
CVE-2025-46272	Planet Technology Network Products OS Command Injection — WGS-804HPT-V2	9.1	Critical	2025-04-24
CVE-2025-46271	Planet Technology Network Products OS Command Injection — UNI-NMS-Lite	9.1	Critical	2025-04-24
CVE-2025-2773	BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability — Multiple Routers	7.2	-	2025-04-23
CVE-2025-43920	GNU Mailman 安全漏洞 — Mailman	5.4	Medium	2025-04-20
CVE-2025-3816	westboy CicadasCMS Scheduled Task save os command injection — CicadasCMS	4.7	Medium	2025-04-19
CVE-2025-3729	SourceCodester Web-based Pharmacy Product Management System Database Backup backup.php os command injection — Web-based Pharmacy Product Management System	7.3	High	2025-04-16
CVE-2025-32778	Web-Check allows command Injection via Unvalidated URL in Screenshot API — web-check	9.8^AI	Critical^AI	2025-04-15
CVE-2025-0119	Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM — Cortex XDR Broker VM	8.8^AI	High^AI	2025-04-11
CVE-2025-32107	TP-LINK Deco BE65 Pro 操作系统命令注入漏洞 — Deco BE65 Pro	8.8^AI	High^AI	2025-04-11
CVE-2025-0127	PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series — Cloud NGFW	7.2^AI	High^AI	2025-04-11
CVE-2025-27797	Inaba Denki Sangyo Wi-Fi AP UNIT 操作系统命令注入漏洞 — AC-WPS-11ac	9.8	Critical	2025-04-09
CVE-2025-25053	Inaba Denki Sangyo Wi-Fi AP UNIT 操作系统命令注入漏洞 — AC-WPS-11ac	8.8	High	2025-04-09
CVE-2025-30289	ColdFusion \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusion	8.2	High	2025-04-08
CVE-2025-30286	ColdFusion \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusion	8.4	High	2025-04-08
CVE-2024-54024	Fortinet FortiIsolator 操作系统命令注入漏洞 — FortiIsolator	7.0	High	2025-04-08
CVE-2024-54025	Fortinet FortiIsolator 操作系统命令注入漏洞 — FortiIsolator	6.5	Medium	2025-04-08
CVE-2024-41790	Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞 — SENTRON 7KT PAC1260 Data Manager	9.1	Critical	2025-04-08
CVE-2024-41789	Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞 — SENTRON 7KT PAC1260 Data Manager	9.1	Critical	2025-04-08
CVE-2024-41788	Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞 — SENTRON 7KT PAC1260 Data Manager	9.1	Critical	2025-04-08
CVE-2025-3363	HGiga iSherlock - OS Command Injection — iSherlock 4.5	9.8	Critical	2025-04-08

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669