CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2676

2676 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-8686	PAN-OS: Command Injection Vulnerability — PAN-OS	7.2^AI	High^AI	2024-09-11
CVE-2024-6091	Shell Command Denylist Bypass in significant-gravitas/autogpt — significant-gravitas/autogpt	9.8^AI	Critical^AI	2024-09-11
CVE-2024-8190	Ivanti Cloud Services Appliance 安全漏洞 — CSA (Cloud Services Appliance)	7.2	High	2024-09-10
CVE-2024-8504	VICIdial Authenticated Remote Code Execution — VICIdial	8.8^AI	High^AI	2024-09-10
CVE-2024-43387	Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices — FL MGUARD 2102	8.8	High	2024-09-10
CVE-2024-43386	Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices. — FL MGUARD 2102	8.8	High	2024-09-10
CVE-2024-43385	Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices — FL MGUARD 2102	8.8	High	2024-09-10
CVE-2024-7699	Phoenix Contact: OS command execution in MGUARD products — FL MGUARD 2102	8.8	High	2024-09-10
CVE-2024-6342	Zyxel NAS542和NAS326 操作系统命令注入漏洞 — NAS326 firmware	9.8	Critical	2024-09-10
CVE-2024-8574	TOTOLINK AC1200 T8 cstecgi.cgi setParentalRules os command injection — AC1200 T8	6.3	Medium	2024-09-08
CVE-2024-21906	QTS, QuTS hero — QTS	4.7	Medium	2024-09-06
CVE-2023-34979	QTS, QuTS hero — QTS	6.6	Medium	2024-09-06
CVE-2023-34974	QTS, QuTS hero, QuTScloud, QVR, QES — QTS	8.8	High	2024-09-06
CVE-2023-39300	QTS — QTS	7.2	High	2024-09-06
CVE-2024-21898	QTS, QuTS hero — QTS	8.8	High	2024-09-06
CVE-2024-7591	Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection — LoadMaster	10.0	Critical	2024-09-05
CVE-2024-20469	Cisco Identity Services Engine Command Injection Vulnerability — Cisco Identity Services Engine Software	6.0	Medium	2024-09-04
CVE-2024-43405	Nuclei Template Signature Verification Bypass — nuclei	7.4	High	2024-09-04
CVE-2024-43402	Rust OS Command Injection/Argument Injection vulnerability — rust	8.2	High	2024-09-04
CVE-2024-7261	Zyxel多款产品操作系统命令注入漏洞 — NWA1123ACv3 firmware	9.8	Critical	2024-09-03
CVE-2024-42060	Zyxel多款产品操作系统命令注入漏洞 — ATP series firmware	7.2	High	2024-09-03
CVE-2024-42059	Zyxel多款产品安全漏洞 — ATP series firmware	7.2	High	2024-09-03
CVE-2024-42057	Zyxel多款产品操作系统命令注入漏洞 — ATP series firmware	8.1	High	2024-09-03
CVE-2024-7203	Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞 — ATP series firmware	7.2	High	2024-09-03
CVE-2024-8234	Zyxel NWA1100-N 操作系统命令注入漏洞 — NWA1100-N firmware	7.5	High	2024-08-30
CVE-2024-43804	OS Command Injection via Port Scan Functionality in Roxy-WI — roxy-wi	8.8	High	2024-08-29
CVE-2024-20289	Cisco NX-OS Software Command Injection Vulnerability — Cisco NX-OS Software	4.4	Medium	2024-08-28
CVE-2023-26315	Xiaomi router has a command injection vulnerability after authorization — Router AX9000	6.5	Medium	2024-08-26
CVE-2024-8077	TOTOLINK AC1200 T8 setTracerouteCfg os command injection — AC1200 T8	6.3	Medium	2024-08-22
CVE-2024-8075	TOTOLINK AC1200 T8 setDiagnosisCfg os command injection — AC1200 T8	6.3	Medium	2024-08-22

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2676