Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-47816 Thecus N4800Eco Nas Server Control Panel - Command Injection — Thecus N4800Eco Nas Server Control Panel 8.8 High2026-01-16
CVE-2026-20759 TOA TRIFORA 3 Series 操作系统命令注入漏洞 — Multiple Network Cameras TRIFORA 3 series 8.8 -2026-01-16
CVE-2021-47794 ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated) — ZesleCP 8.8 High2026-01-15
CVE-2026-23520 Arcane has a Command Injection in Arcane Updater Lifecycle Labels Enables RCE — arcane 9.1 Critical2026-01-15
CVE-2025-62193 NOAA PMEL Live Access Server (LAS) PyFerret command injection — Live Access Server (LAS) 9.8 Critical2026-01-15
CVE-2026-22265 Roxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCE — roxy-wi 7.5 High2026-01-15
CVE-2025-33206 NVIDIA NSIGHT Graphics 操作系统命令注入漏洞 — NSIGHT Graphics 7.8 High2026-01-14
CVE-2026-22718 Command injection vulnerability — CLI VSCode Extension 6.8 Medium2026-01-14
CVE-2023-54339 Webgrind 1.1 - Remote Command Execution (RCE) via dataFile Parameter — Webgrind 9.8 Critical2026-01-13
CVE-2022-50919 Tdarr 2.00.15 - Command Injection — Tdarr 9.8 Critical2026-01-13
CVE-2022-50909 Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated) — Algo 8028 8.8 High2026-01-13
CVE-2026-21267 Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — Dreamweaver Desktop 8.6 High2026-01-13
CVE-2025-64155 Fortinet FortiSIEM 安全漏洞 — FortiSIEM 9.4 Critical2026-01-13
CVE-2026-0507 OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK — SAP Application Server for ABAP and SAP NetWeaver RFCSDK 8.4 High2026-01-13
CVE-2026-22781 TinyWeb CGI Command Injection — TinyWeb 9.8AICriticalAI2026-01-12
CVE-2026-0855 Merit LILIN|IP Camera - OS Command Injection — P2 8.8 High2026-01-12
CVE-2026-0854 Merit LILIN|NVR - OS Command Injection — DH032 8.8 High2026-01-12
CVE-2025-69269 Spectrum command injection in NCM service — DX NetOps Spectrum 8.8AIHighAI2026-01-12
CVE-2025-15502 Sangfor Operation and Maintenance Management System session SessionController os command injection — Operation and Maintenance Management System 7.3 High2026-01-10
CVE-2025-15501 Sangfor Operation and Maintenance Management System getCmd WriterHandle.getCmd os command injection — Operation and Maintenance Management System 9.8 Critical2026-01-09
CVE-2025-15500 Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection — Operation and Maintenance Management System 9.8 Critical2026-01-09
CVE-2025-15499 Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection — Operation and Maintenance Management System 8.8 High2026-01-09
CVE-2026-0830 Command Injection in Kiro GitLab Merge Request Helper — Kiro IDE 7.8 High2026-01-09
CVE-2025-46645 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release 6.5 Medium2026-01-09
CVE-2025-46644 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release 6.0 Medium2026-01-09
CVE-2025-66052 Command injection in Vivotek IP7137 cameras — IP7137 7.2 -2026-01-09
CVE-2026-22035 Greenshot Vulnerable to OS Command Injection via ExternalCommand Plugin — greenshot 7.8 High2026-01-08
CVE-2019-25289 INIM Electronics SmartLiving SmartLAN/G/SI <=6.x Remote Command Execution — SmartLiving SmartLAN/G/SI 8.8 High2026-01-07
CVE-2017-20216 FLIR Thermal Camera PT-Series firmware version 8.0.0.64 Unauthenticated Remote Command Injection — FLIR Thermal Camera PT-Series 9.8 Critical2026-01-07
CVE-2017-20215 FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 Authenticated OS Command Injection — FLIR Thermal Camera FC-S/PT 8.8 High2026-01-07

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.