Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2669

2669 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-36022 Magento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution — Magento Commerce 9.1 Critical2021-09-01
CVE-2021-1584 Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability — Cisco NX-OS System Software in ACI Mode 6.0 Medium2021-08-25
CVE-2021-33191 MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol — Apache NiFi - MiNiFi C++ 9.8 -2021-08-24
CVE-2021-36011 Adobe Illustrator improper neutralization of special elements used in an OS command — Illustrator 8.3 High2021-08-20
CVE-2021-28634 Adobe Acrobat Reader AcrobatUtils.scpt Extension OS Command Injection Vulnerability — Acrobat Reader 8.2 High2021-08-20
CVE-2021-32830 Github diez 命令注入漏洞 — diez 3.9 Low2021-08-17
CVE-2021-3617 Lenovo Smart Camera 命令注入漏洞 — Smart Camera X3, X5, and C2E firmware 7.2 High2021-08-17
CVE-2021-3459 Motorola MM1000 操作系统命令注入漏洞 — MM1000 MoCA Adapter 6.8 Medium2021-08-17
CVE-2021-32826 Remote code execution in Proxyee-Down — proxyee-down 6.8 Medium2021-08-16
CVE-2021-3708 D-Link DSL-2750U 操作系统命令注入漏洞 — DSL-2750U 7.8 -2021-08-16
CVE-2021-3050 PAN-OS: OS Command Injection Vulnerability in Web Interface — PAN-OS 8.8 High2021-08-11
CVE-2021-33721 SINEC NMS 操作系统命令注入漏洞 — SINEC NMS 7.2 -2021-08-10
CVE-2021-21805 Advantech R-SeeNet 操作系统命令注入漏洞 — Advantech 9.8 -2021-08-05
CVE-2021-1602 Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability — Cisco Small Business RV Series Router Firmware 8.2 High2021-08-04
CVE-2021-32772 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in helper_entries — poddycast 8.8 High2021-08-03
CVE-2021-3198 Ivanti MobileIron Core clish Restricted Shell Escape via OS Command Injection — MobileIron Core 6.5 Medium2021-07-22
CVE-2021-31580 Akkadian Provisioning Manager Engine (PME) Shell Escape via 'exec' command — Provisioning Manager Engine (PME) 8.7 High2021-07-22
CVE-2021-32751 Arbitrary code execution via specially crafted environment variables — gradle 7.5 High2021-07-20
CVE-2020-5322 DELL EMC OpenManage Enterprise-Modular 操作系统操作系统命令注入漏洞 — Dell OpenManage Enterprise Modular 9.1 Critical2021-07-19
CVE-2020-29499 Dell EMC PowerStore 操作系统命令注入漏洞 — PowerStore 6.4 Medium2021-07-19
CVE-2021-21819 D-LINK DIR-3040 操作系统命令注入漏洞 — D-Link 9.8 -2021-07-16
CVE-2021-32749 Possible RCE vulnerability in mailing action using mailutils (mail-whois) — fail2ban 6.1 Medium2021-07-16
CVE-2021-32534 QSAN SANOS - Command Injection — SANOS 9.8 Critical2021-07-07
CVE-2021-32533 QSAN SANOS - Command Injection — SANOS 9.8 Critical2021-07-07
CVE-2021-32531 QSAN XEVO - Command Injection Following via Init function — XEVO 9.8 Critical2021-07-07
CVE-2021-32530 QSAN XEVO - Command Injection Following via Array function — XEVO 9.8 Critical2021-07-07
CVE-2021-32524 QSAN Storage Manager - Command Injection-3 — Storage Manager 9.1 Critical2021-07-07
CVE-2021-32513 QSAN Storage Manager - Command Injection Following via QsanTorture function — Storage Manager 9.8 Critical2021-07-07
CVE-2021-32512 QSAN Storage Manager - Command Injection Following via QuickInstall function — Storage Manager 9.8 Critical2021-07-07
CVE-2021-28804 Command Injection Vulnerabilities in QTS and QuTS hero — QTS 9.8 -2021-07-01

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2669 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.