Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-39367 Peplink Smart Reader 操作系统命令注入漏洞 — Smart Reader 9.1 Critical2024-04-17
CVE-2024-3880 Tenda W30E WriteFacMac formWriteFacMac os command injection — W30E 6.3 Medium2024-04-16
CVE-2024-2659 Lenovo SMM/SMM2/FPC 安全漏洞 — SMM, SMM2, FPC 7.2 High2024-04-15
CVE-2023-4856 Lenovo SMM/SMM2/FPC 安全漏洞 — SMM, SMM2, FPC 8.8 High2024-04-15
CVE-2023-4855 Lenovo SMM/SMM2/FPC 安全漏洞 — SMM, SMM2, FPC 7.2 High2024-04-15
CVE-2024-3781 OS Command Injection vulnerability in WBSAirback — White Bear Solutions 9.1 Critical2024-04-15
CVE-2024-1655 ASUS WiFi Router - OS Command Injection — ExpertWiFi EBM63 8.8 High2024-04-15
CVE-2024-3739 cym1102 nginxWebUI upload os command injection — nginxWebUI 6.3 Medium2024-04-13
CVE-2024-3721 TBK DVR-4104/DVR-4216 os command injection — DVR-4104 6.3 Medium2024-04-13
CVE-2024-2029 Command Injection in mudler/localai — mudler/localai 9.8AICriticalAI2024-04-10
CVE-2024-1520 OS Command Injection in parisneo/lollms-webui — parisneo/lollms-webui 9.8AICriticalAI2024-04-10
CVE-2024-2243 Csmock: command injection vulnerability in csmock-plugin-snyk 7.6 High2024-04-10
CVE-2024-24576 Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows — rust 10.0 Critical2024-04-09
CVE-2024-22423 yt-dlp `--exec` command injection when using `%q` in yt-dlp on Windows — yt-dlp 8.4 High2024-04-09
CVE-2024-21755 Fortinet FortiSandbox 安全漏洞 — FortiSandbox 8.6 High2024-04-09
CVE-2023-47540 Fortinet FortiSandbox 操作系统命令注入漏洞 — FortiSandbox 6.5 Medium2024-04-09
CVE-2024-21756 Fortinet FortiSandbox 操作系统命令注入漏洞 — FortiSandbox 8.6 High2024-04-09
CVE-2023-6320 Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint — webOS 9.1 Critical2024-04-09
CVE-2023-6319 Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service — webOS 9.1 Critical2024-04-09
CVE-2023-6318 Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service — webOS 9.1 Critical2024-04-09
CVE-2023-1082 Welotec: Command injection vulnerability in TK500v1 router series — TK515L 8.8 High2024-04-09
CVE-2024-30414 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5AIHighAI2024-04-07
CVE-2024-3346 Byzoro Smart S80 webmailattach.php os command injection — Smart S80 6.3 Medium2024-04-05
CVE-2023-3454 Brocade Fabric OS 安全漏洞 — Fabric OS 8.6 High2024-04-04
CVE-2024-1180 TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability — Omada ER605 8.0 -2024-04-03
CVE-2023-25699 WordPress VideoWhisper Live Streaming Integration plugin <= 5.5.15 - Remote Code Execution (RCE) — VideoWhisper Live Streaming Integration 9.0 Critical2024-04-03
CVE-2024-2389 Flowmon Unauthenticated Command Injection Vulnerability — Flowmon 10.0 Critical2024-04-02
CVE-2023-51572 Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability — ViewPower Pro 9.8 -2024-04-01
CVE-2024-30247 Command Injection as root in NextCloudPi web panel — nextcloudpi 10.0 Critical2024-03-29
CVE-2024-25955 Dell vApp Manager 操作系统命令注入漏洞 — Virtual Appliance (vApp) Manager 7.2 High2024-03-28

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.