CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2676

2676 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-24623	Softaculous Webuzo FTP Management Command Injection — Webuzo	8.8	High	2024-07-25
CVE-2024-7066	F-logic DataCube3 HTTP POST Request config_time_sync.php os command injection — DataCube3	7.3	High	2024-07-24
CVE-2024-39686	fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py bert_gen function — Bert-VITS2	9.8	Critical	2024-07-22
CVE-2024-39685	fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function — Bert-VITS2	9.8	Critical	2024-07-22
CVE-2024-37066	Wyze Cam 安全漏洞 — Wyze Cam V4 Pro	6.8	Medium	2024-07-19
CVE-2024-34013	Acronis True Image 操作系统命令注入漏洞 — Acronis True Image	7.8^AI	High^AI	2024-07-18
CVE-2024-40641	Unsigned code template execution through workflows in projectdiscovery/nuclei — nuclei	7.4	High	2024-07-17
CVE-2024-39524	Junos OS Evolved: CLI parameter processing issue allows privilege escalation — Junos OS Evolved	7.8	High	2024-07-11
CVE-2024-39523	Junos OS Evolved: CLI parameter processing issue allows privilege escalation — Junos OS Evolved	7.8	High	2024-07-11
CVE-2024-39522	Junos OS Evolved: CLI parameter processing issue allows privilege escalation — Junos OS Evolved	7.8	High	2024-07-11
CVE-2024-39521	Junos OS Evolved: CLI parameter processing issue allows privilege escalation — Junos OS Evolved	7.8	High	2024-07-11
CVE-2024-39520	Junos OS Evolved: CLI parameter processing issue allows privilege escalation — Junos OS Evolved	7.8	High	2024-07-11
CVE-2024-3799	Shell command injection in Phoniebox — Phoniebox	8.8^AI	High^AI	2024-07-10
CVE-2024-28750	ifm: Deleting function in Smart PLC allows command injections — Smart PLC AC14xx Firmware	7.2	High	2024-07-09
CVE-2024-28749	ifm: Writing file function in Smart PLC allows command injections — Smart PLC AC14xx Firmware	7.2	High	2024-07-09
CVE-2024-28748	ifm: Reading function in Smart PLC allows command injections — Smart PLC AC14xx Firmware	7.2	High	2024-07-09
CVE-2023-50382	Realtek rtl819x Jungle SDK 操作系统命令注入漏洞 — WBR-6013	7.2	High	2024-07-08
CVE-2023-50383	Realtek rtl819x Jungle SDK 操作系统命令注入漏洞 — WBR-6013	7.2	High	2024-07-08
CVE-2023-50381	Realtek rtl819x Jungle SDK 操作系统命令注入漏洞 — WBR-6013	7.2	High	2024-07-08
CVE-2024-6507	Deep Lake Kaggle command injection	8.1	High	2024-07-04
CVE-2024-32937	Grandstream GXP2135 操作系统命令注入漏洞 — GXP2135	8.1	High	2024-07-03
CVE-2024-5672	Red Lion Europe: mbNET.mini vulnerable to OS command injection — mbNET.mini	7.2	High	2024-07-03
CVE-2024-20399	Cisco NX-OS Software CLI Command Injection Vulnerability — Cisco NX-OS Software	6.0	Medium	2024-07-01
CVE-2024-39351	Synology Camera Firmware 操作系统命令注入漏洞 — Camera Firmware	7.2	High	2024-06-28
CVE-2023-47802	Synology Camera Firmware 操作系统命令注入漏洞 — Camera Firmware	7.2	High	2024-06-28
CVE-2024-37140	Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect DD	8.8	High	2024-06-26
CVE-2024-5181	Command Injection in mudler/localai — mudler/localai	7.2^AI	High^AI	2024-06-26
CVE-2024-4748	RCE in Cruddiy — CRUDDIY	8.8	High	2024-06-24
CVE-2024-6187	Ruijie RG-UAC sub_commit.php os command injection — RG-UAC	6.3	Medium	2024-06-20
CVE-2024-6186	Ruijie RG-UAC commit.php os command injection — RG-UAC	6.3	Medium	2024-06-20

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2676