Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-43885 Dell PowerProtect Data Manager 操作系统命令注入漏洞 — PowerProtect Data Manager 7.8 High2025-09-10
CVE-2025-43884 Dell PowerProtect Data Manager 操作系统命令注入漏洞 — PowerProtect Data Manager 8.2 High2025-09-10
CVE-2025-9997 Schneider Electric Saitel DR RTU 操作系统命令注入漏洞 — Saitel DR RTU 8.0AIHighAI2025-09-09
CVE-2025-9996 Schneider Electric Saitel DR RTU 操作系统命令注入漏洞 — Saitel DR RTU 8.8AIHighAI2025-09-09
CVE-2025-23344 NVIDIA NVDebug 操作系统命令注入漏洞 — NVDebug tool 7.3 High2025-09-09
CVE-2025-54084 Calix Gigacenter ONT - Command Injection — GigaCenter ONT 7.2AIHighAI2025-09-09
CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection — Tautulli 8.1 High2025-09-09
CVE-2025-58180 OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload — OctoPrint 8.8AIHighAI2025-09-09
CVE-2025-55048 Baicells多款产品 操作系统命令注入漏洞 — NEUTRINO430, NOVA436Q, NOVA430e/430i, NOVA846, NOVA246, NOVA243, NOVA233, NOVA227 9.8 Critical2025-09-09
CVE-2024-45325 Fortinet FortiDDoS-F 操作系统命令注入漏洞 — FortiDDoS-F 6.5 Medium2025-09-09
CVE-2025-54994 @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API — create-mcp-server-stdio 9.8AICriticalAI2025-09-08
CVE-2025-58374 Roo Code: Auto-approve allows npm install execution of malicious postinstall scripts — Roo-Code 7.8 High2025-09-06
CVE-2025-58371 Roo Code is vulnerable to command injection via GitHub actions workflow — Roo-Code 8.8AIHighAI2025-09-05
CVE-2025-58370 Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference — Roo-Code 8.1 High2025-09-05
CVE-2025-55037 TkEasyGUI 操作系统命令注入漏洞 — TkEasyGUI 9.8AICriticalAI2025-09-05
CVE-2025-8613 Vacron Camera ping Command Injection Remote Code Execution Vulnerability — Camera 8.8 -2025-09-02
CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup) — Extension "TYPO3 Backup Plus" 9.8AICriticalAI2025-09-02
CVE-2025-57799 StreamVault can perform remote command execution — StreamVault 8.8AIHighAI2025-09-01
CVE-2025-54857 Seikou202fSolutions SkyBridge BASIC MB-A130 操作系统命令注入漏洞 — SkyBridge BASIC MB-A130 9.8 -2025-09-01
CVE-2025-9752 D-Link DIR-852 SOAP Service soap.cgi soapcgi_main os command injection — DIR-852 7.3 High2025-09-01
CVE-2025-9745 D-Link DI-500WF jhttpd version_upgrade.asp os command injection — DI-500WF 4.7 Medium2025-08-31
CVE-2025-9727 D-Link DIR-816L soap.cgi soapcgi_main os command injection — DIR-816L 6.3 Medium2025-08-31
CVE-2009-20010 Dogfood CRM spell.php RCE — Dogfood CRM 9.8 -2025-08-30
CVE-2005-10004 Cacti graph_view.php RCE via graph_start Parameter Injection — Cacti 8.8 -2025-08-30
CVE-2025-9377 Authenticated RCE via Parental Control command injection — Archer C7(EU) V2 8.8 -2025-08-29
CVE-2025-53508 iND多款产品 操作系统命令注入漏洞 — HL330-DLS (for module MC7700) 8.8 -2025-08-29
CVE-2025-58062 LSTM-Kirigaya's openmcp-client Vulnerable to RCE in MCP Authorization Flow — openmcp-client 8.0AIHighAI2025-08-28
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection — BL-X26 6.3 Medium2025-08-28
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection — BL-X26 6.3 Medium2025-08-28
CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection — RE6250 6.3 Medium2025-08-28

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.