Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-14003 Nagios XI < 2024R1.2 RCE via NRDP Server Plugins — XI 9.8AICriticalAI2025-10-30
CVE-2025-34134 Nagios XI < 2024R1.4.2 RCE via Business Process Intelligence (BPI) — XI 7.2AIHighAI2025-10-30
CVE-2018-25122 Nagios XI < 5.4.13 Component Download Page RCE — XI 8.8AIHighAI2025-10-30
CVE-2024-14005 Nagios XI < 2024R1.2 Command Injection via Docker Wizard — XI 7.2AIHighAI2025-10-30
CVE-2020-36867 Nagios XI < 5.7.3 Command Injection in Report PDF Download — XI 8.8AIHighAI2025-10-30
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection — XI 8.8AIHighAI2025-10-30
CVE-2020-36856 Nagios XI < 5.6.14 Authenticated RCE command_test.php via address — XI 7.2AIHighAI2025-10-30
CVE-2025-34284 Nagios XI < 2024R2 Authenticated Command Injection via WinRM Plugin — XI 7.2AIHighAI2025-10-30
CVE-2025-34280 Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certificate Removal Function — Network Analyzer 7.2AIHighAI2025-10-30
CVE-2025-43942 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-10-30
CVE-2025-46422 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-10-30
CVE-2025-46423 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-10-30
CVE-2025-43939 Dell Unity 安全漏洞 — Unity 7.8 High2025-10-30
CVE-2025-43940 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-10-30
CVE-2025-43941 Dell Unity 操作系统命令注入漏洞 — Unity 7.2 High2025-10-30
CVE-2025-54941 Apache Airflow: Command injection in "example_dag_decorator" — Apache Airflow 8.8AIHighAI2025-10-30
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow — neuvector 9.9 Critical2025-10-30
CVE-2025-11202 win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability — win-cli-mcp-server 9.8AICriticalAI2025-10-29
CVE-2018-25120 D-Link DNS-343 ShareCenter <= 1.05 Command Injection via /goform/Mail_Test — DNS-343 ShareCenter 9.8AICriticalAI2025-10-29
CVE-2025-62801 FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name — fastmcp 9.8AICriticalAI2025-10-28
CVE-2025-34311 IPFire < v2.29 Command Injection via Proxy Report Creation — IPFire 8.8AIHighAI2025-10-28
CVE-2025-34312 IPFire < v2.29 Command Injection via URL Filter Blacklist — IPFire 8.8AIHighAI2025-10-28
CVE-2025-1038 Hitachi TropOS 4th Gen 操作系统命令注入漏洞 — TropOS 4th Gen 7.2AIHighAI2025-10-28
CVE-2025-1036 Hitachi TropOS 4th Gen 操作系统命令注入漏洞 — TropOS 4th Gen 8.8AIHighAI2025-10-28
CVE-2025-12296 D-Link DAP-2695 Firmware Update sub_4174B0 os command injection — DAP-2695 4.7 Medium2025-10-27
CVE-2025-10680 OpenVPN 安全漏洞 — OpenVPN 8.8 -2025-10-24
CVE-2025-6978 Diagnostics command injection vulnerability — Arista Edge Threat Management - Arista Next Generation Firewall 7.2 High2025-10-23
CVE-2016-15048 AMTT HiBOS Command Injection RCE via server_ping.php — Hotel Broadband Operation System (HiBOS) 9.8AICriticalAI2025-10-22
CVE-2024-58274 Hikvision CSMP iSecure Center 安全漏洞 — CSMP iSecure Center 8.3 High2025-10-22
CVE-2025-8078 Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞 — ATP series firmware 7.2 High2025-10-21

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.