CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-35959	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-35960	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-35961	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-35962	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-35963	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-35964	GTKWave 操作系统命令注入漏洞 — GTKWave	7.8	High	2024-01-08
CVE-2023-29048	Open-Xchange App Suite 安全漏洞 — OX App Suite	8.8	High	2024-01-08
CVE-2024-0299	Totolink N200RE cstecgi.cgi setTracerouteCfg os command injection — N200RE	7.3	High	2024-01-08
CVE-2024-0298	Totolink N200RE cstecgi.cgi setDiagnosisCfg os command injection — N200RE	7.3	High	2024-01-08
CVE-2024-0297	Totolink N200RE cstecgi.cgi UploadFirmwareFile os command injection — N200RE	7.3	High	2024-01-08
CVE-2024-0296	Totolink N200RE cstecgi.cgi NTPSyncWithHost os command injection — N200RE	7.3	High	2024-01-08
CVE-2024-0295	Totolink LR1200GB cstecgi.cgi setWanCfg os command injection — LR1200GB	7.3	High	2024-01-08
CVE-2024-0294	Totolink LR1200GB cstecgi.cgi setUssd os command injection — LR1200GB	7.3	High	2024-01-08
CVE-2024-0293	Totolink LR1200GB cstecgi.cgi setUploadSetting os command injection — LR1200GB	6.3	Medium	2024-01-08
CVE-2024-0292	Totolink LR1200GB cstecgi.cgi setOpModeCfg os command injection — LR1200GB	6.3	Medium	2024-01-08
CVE-2023-39294	QTS, QuTS hero — QTS	6.6	Medium	2024-01-05
CVE-2023-41288	Video Station — Video Station	8.8	High	2024-01-05
CVE-2023-41289	QcalAgent — QcalAgent	6.3	Medium	2024-01-05
CVE-2023-52314	Command injection in convert_shape_compare — PaddlePaddle	9.6	Critical	2024-01-03
CVE-2023-52311	Command injection in _wget_download — PaddlePaddle	9.6	Critical	2024-01-03
CVE-2023-52310	Command injection in get_online_pass_interval — PaddlePaddle	9.6	Critical	2024-01-03
CVE-2023-4464	Poly VVX 601 Diagnostic Telnet Mode os command injection — Trio 8300	7.2	High	2023-12-29
CVE-2023-7116	WeiYe-Jing datax-web HTTP POST Request killJob os command injection — datax-web	6.3	Medium	2023-12-27
CVE-2023-7093	KylinSoft kylin-system-updater com.kylin.systemupgrade Service UpgradeStrategiesDbus.py os command injection — kylin-system-updater	5.3	Medium	2023-12-24
CVE-2023-7002	Backup Migration <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url — BackupBliss – Backup & Migration with Free Cloud Storage	7.2	High	2023-12-23
CVE-2023-35895	IBM Informix JDBC code execution — Informix JDBC	6.3	Medium	2023-12-20
CVE-2019-25158	pedroetb tts-api app.js onSpeechDone os command injection — tts-api	5.5	Medium	2023-12-19
CVE-2023-6901	codelyfe Stupid Simple CMS HTTP POST Request handle-command.php os command injection — Stupid Simple CMS	7.3	High	2023-12-17
CVE-2023-6895	Hikvision Intercom Broadcasting System ping.php os command injection — Intercom Broadcasting System	6.3	Medium	2023-12-17
CVE-2023-48380	Softnext Mail SQR Expert - Command Injection — Mail SQR Expert	7.4	High	2023-12-15

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682