Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2611 ICTBroadcast <= 7.4 Unauthenticated Session Cookie RCE — ICTBroadcast 9.8AICriticalAI2025-08-05
CVE-2025-54987 Trend Micro Apex One 安全漏洞 — Trend Micro Apex One 9.4 Critical2025-08-05
CVE-2025-54948 Trend Micro Apex One 安全漏洞 — Trend Micro Apex One 9.4 Critical2025-08-05
CVE-2025-54135 Cursor Agent is vulnerable to prompt injection via MCP Special Files — cursor 8.6 High2025-08-05
CVE-2025-54795 Claude Code echo command allowed bypass of user approval prompt for command execution — claude-code 8.3AIHighAI2025-08-05
CVE-2025-34147 Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via SSID — M300 Wi-Fi Repeater 8.8AIHighAI2025-08-04
CVE-2025-30099 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release 7.8 High2025-08-04
CVE-2025-30098 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release 6.7 Medium2025-08-04
CVE-2025-30097 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release 6.7 Medium2025-08-04
CVE-2025-30096 Dell PowerProtect Data Domain 操作系统命令注入漏洞 — PowerProtect Data Domain Feature Release 6.7 Medium2025-08-04
CVE-2025-36607 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-08-04
CVE-2025-36606 Dell Unity 操作系统命令注入漏洞 — Unity 7.8 High2025-08-04
CVE-2025-36604 Dell Unity 操作系统命令注入漏洞 — Unity 7.3 High2025-08-04
CVE-2025-44960 RUCKUS SmartZone 操作系统命令注入漏洞 — SmartZone 8.5 High2025-08-04
CVE-2025-44961 RUCKUS SmartZone 操作系统命令注入漏洞 — SmartZone 9.9 Critical2025-08-04
CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals — cursor 7.2 High2025-08-01
CVE-2025-54133 Cursor's MCP Install Deeplink Does Not Show Arguments in its User-Dialog — cursor 8.1 -2025-08-01
CVE-2013-10053 ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution — ZPanel 8.8 -2025-08-01
CVE-2013-10049 Raidsonic NAS Devices Unauthenticated Remote Command Execution — IB-NAS5220 9.8 -2025-08-01
CVE-2013-10060 Netgear Routers pppoe.cgi RCE — DGN2200B 8.8 -2025-08-01
CVE-2013-10061 Netgear Routers setup.cgi RCE — DGN1000B 8.8 -2025-08-01
CVE-2013-10058 Linksys Routers apply.cgi Remote Command Injection — WRT160nv2 8.8 -2025-08-01
CVE-2013-10048 D-Link Devices command.php Unauthenticated RCE — DIR-600 9.8 -2025-08-01
CVE-2013-10050 D-Link Devices tools_vct.xgi Unauthenticated RCE — DIR-300 rev A 8.8 -2025-08-01
CVE-2013-10059 D-Link Routers tools_vct.htm OS Command Injection — DIR-615H1 8.8 -2025-08-01
CVE-2025-54595 Pearcleaner's unauthenticated access to privileged XPC helper allows root command execution — Pearcleaner 7.3 High2025-08-01
CVE-2025-8473 Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability — iLX-507 6.8 -2025-08-01
CVE-2013-10037 WebTester 5.x install2.php Unauthenticated Command Execution — WebTester 9.8AICriticalAI2025-07-31
CVE-2014-125124 Pandora FMS <= 5.0RC1 Anyterm Unauthenticated Command Injection — Pandora FMS 9.8AICriticalAI2025-07-31
CVE-2013-10039 GestioIP 3.0 ip_checkhost.cgi RCE — IPAM 8.8AIHighAI2025-07-31

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.