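CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) — Vulnerability Class 2646

2646 vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')). AI Chinese analysis included.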

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5853 | Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection — A7100RU | 9.8 | Critical | 2026-04-09 |
| CVE-2026-5852 | Totolink A7100RU CGI cstecgi.cgi setIptvCfg os command injection — A7100RU | 9.8 | Critical | 2026-04-09 |
| CVE-2026-5851 | Totolink A7100RU CGI cstecgi.cgi setUPnPCfg os command injection — A7100RU | 9.8 | Critical | 2026-04-09 |
| CVE-2026-5850 | Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection — A7100RU | 9.8 | Critical | 2026-04-09 |
| CVE-2026-5844 | D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection — DIR-882 | 7.2 | High | 2026-04-09 |
| CVE-2026-5831 | Agions taskflow-ai terminal_execute handlers.ts os command injection — taskflow-ai | 6.3 | Medium | 2026-04-09 |
| CVE-2026-40032 | UAC < 3.3.0-rc1 Command Injection via Placeholder Substitution — UAC | 7.8 | High | 2026-04-08 |
| CVE-2026-40030 | parseusbs < 1.9 Command Injection via Volume Path Argument — parseusbs | 7.8 | High | 2026-04-08 |
| CVE-2026-40029 | parseusbs < 1.9 Command Injection via Crafted LNK Filename — parseusbs | 7.8 | High | 2026-04-08 |
| CVE-2026-5802 | idachev mcp-javadc HTTP os command injection — mcp-javadc | 7.3 | High | 2026-04-08 |
| CVE-2026-39862 | Tophat has a Command Injection Vulnerability When Accessing a Maliciously Crafted Tophat Link — tophat | 8.8 (AI) | High (AI) | 2026-04-08 |
| CVE-2026-30818 | OS Command Injection Vulnerability in dnsmasq Module in TP-Link AX53 — AX53 v1.0 | 8.0 (AI) | High (AI) | 2026-04-08 |
| CVE-2026-30815 | OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53 — AX53 v1.0 | 8.0 (AI) | High (AI) | 2026-04-08 |
| CVE-2026-27806 | Fleet Affected by Local Privilege Escalation via Tcl Command Injection in Orbit — fleet | 7.8 | High | 2026-04-08 |
| CVE-2026-5208 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in coolercontrold — coolercontrold | 8.2 | High | 2026-04-08 |
| CVE-2026-5741 | suvarchal docker-mcp-server HTTP index.ts pull_image os command injection — docker-mcp-server | 7.3 | High | 2026-04-07 |
| CVE-2026-39382 | dbt has a Command Injection in Reusable Workflow via Unsanitized comment-body Output — dbt-core | 8.8 (AI) | High (AI) | 2026-04-07 |
| CVE-2026-4631 | Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection — Red Hat Enterprise Linux 10 | 9.8 | Critical | 2026-04-07 |
| CVE-2026-35585 | File Browser has a Command Injection via Hook Runner — filebrowser | 8.8 (AI) | High (AI) | 2026-04-07 |
| CVE-2026-35581 | Emissary has a Command Injection via PLACE_NAME Configuration in Executrix — emissary | 7.2 | High | 2026-04-07 |
| CVE-2026-35521 | Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline Injection — FTL | 8.8 | High | 2026-04-07 |
| CVE-2026-35520 | Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection — FTL | 8.8 | High | 2026-04-07 |
| CVE-2026-35519 | Pi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline Injection — FTL | 8.8 | High | 2026-04-07 |
| CVE-2026-35518 | Pi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline Injection — FTL | 8.8 | High | 2026-04-07 |
| CVE-2026-35517 | Pi-hole FTL affected by Remote Code Execution (RCE) via dns.upstreams Newline Injection — FTL | 8.8 | High | 2026-04-07 |
| CVE-2026-35463 | pyLoad has Improper Neutralization of Special Elements used in an OS Command — pyload | 8.8 | High | 2026-04-07 |
| CVE-2021-4473 | Tianxin Internet Behavior Management System Command Injection via toQuery.php — Tianxin Internet Behavior Management System | 9.8 | Critical | 2026-04-07 |
| CVE-2026-5692 | Totolink A7100RU cstecgi.cgi setGameSpeedCfg os command injection — A7100RU | 7.3 | High | 2026-04-06 |
| CVE-2026-5691 | Totolink A7100RU cstecgi.cgi setFirewallType os command injection — A7100RU | 7.3 | High | 2026-04-06 |
| CVE-2026-5690 | Totolink A7100RU cstecgi.cgi setRemoteCfg os command injection — A7100RU | 7.3 | High | 2026-04-06 |

Vulnerabilities classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) represent 2646 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.