CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-3705	OS Command Injection via USB Config Load — FDS102	6.8	Medium	2025-07-07
CVE-2025-3626	OS Command Injection via Config Upload in WebUI — FDS102	9.1	Critical	2025-07-07
CVE-2025-48501	Nimesa Backup and Recovery 操作系统命令注入漏洞 — Nimesa Backup and Recovery	9.8^AI	Critical^AI	2025-07-07
CVE-2025-7145	TeamT5｜ThreatSonar Anti-Ransomware - OS Command Injection — ThreatSonar Anti-Ransomware	7.2	High	2025-07-07
CVE-2025-7097	Comodo Internet Security Premium Manifest File cis_update_x64.xml os command injection — Internet Security Premium	8.1	High	2025-07-06
CVE-2025-7083	Belkin F9K1122 webs mp os command injection — F9K1122	6.3	Medium	2025-07-06
CVE-2025-7082	Belkin F9K1122 webs formBSSetSitesurvey os command injection — F9K1122	6.3	Medium	2025-07-06
CVE-2025-7081	Belkin F9K1122 webs formSetWanStatic os command injection — F9K1122	6.3	Medium	2025-07-06
CVE-2025-47228	Scriptcase 操作系统命令注入漏洞 — ScriptCase	6.7	Medium	2025-07-05
CVE-2025-34087	Pi-Hole AdminLTE Whitelist (now 'Web Allowlist') Remote Command Execution — Web	7.2^AI	High^AI	2025-07-03
CVE-2025-34088	Pandora FMS Authenticated Remote Code Execution via Ping Module — Pandora FMS	8.8^AI	High^AI	2025-07-03
CVE-2025-34082	IGEL OS Secure Terminal and Secure Shadow Remote Code Execution — OS	9.8^AI	Critical^AI	2025-07-03
CVE-2025-20308	Cisco Spaces Connector Privilege Escalation Vulnerability — Cisco DNA Spaces Connector	6.0	Medium	2025-07-02
CVE-2025-34073	stamparm/maltrail <=0.54 Remote Command Execution — Maltrail	9.8^AI	Critical^AI	2025-07-02
CVE-2025-53100	RestDB's Codehooks.io MCP Server Vulnerable to Command Injection — codehooks-mcp-server	8.8^AI	High^AI	2025-07-01
CVE-2025-34056	AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution — IP camera, DVR, and NVR Devices	8.8^AI	High^AI	2025-07-01
CVE-2025-34055	AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution — IP camera, DVR, and NVR Devices	8.8^AI	High^AI	2025-07-01
CVE-2025-34054	AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection — IP camera, DVR, and NVR Devices	9.8^AI	Critical^AI	2025-07-01
CVE-2025-6899	D-Link DI-7300G+/DI-8200G msp_info.htm os command injection — DI-7300G+	6.3	Medium	2025-06-30
CVE-2025-6898	D-Link DI-7300G+ in proxy_client.asp os command injection — DI-7300G+	6.3	Medium	2025-06-30
CVE-2025-6897	D-Link DI-7300G+ httpd_debug.asp os command injection — DI-7300G+	5.5	Medium	2025-06-30
CVE-2025-6896	D-Link DI-7300G+ wget_test.asp os command injection — DI-7300G+	6.3	Medium	2025-06-30
CVE-2023-28906	Command injection in networking service — Volkswagen MIB3 infotainment system MIB3 OI MQB	7.8	High	2025-06-28
CVE-2025-36529	TB-eye多款产品操作系统命令注入漏洞 — XRN-410SN/TE	7.2	High	2025-06-27
CVE-2025-34049	OptiLink ONT1GEW GPON Remote Code Execution — ONT1GEW GPON	8.8^AI	High^AI	2025-06-26
CVE-2025-34044	WIFISKY 7-Layer Flow Control Router Remote Command Execution — WIFISKY 7-layer flow control router	9.8^AI	Critical^AI	2025-06-26
CVE-2025-34043	Vacron NVR Remote Command Execution — Network Video Recorder (NVR)	9.8^AI	Critical^AI	2025-06-26
CVE-2025-34042	Beward N100 IP Camera Remote Command Execution — N100 IP Camera	8.8^AI	High^AI	2025-06-26
CVE-2025-52573	Command Injection in MCP Server ios-simulator-mcp — ios-simulator-mcp	6.0	Medium	2025-06-26
CVE-2025-6562	Hunt Electronic Hybrid DVR - OS Command Injection — Hybrid DVR	8.8	High	2025-06-26

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682