Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2682

2682 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2020-27861 Netgear NETGEAR 操作系统命令注入漏洞 — Orbi 8.8 -2021-02-11
CVE-2021-21016 Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution — Magento Commerce 9.1 -2021-02-11
CVE-2021-21015 Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution — Magento Commerce 9.1 -2021-02-11
CVE-2021-21018 Magnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution — Magento Commerce 9.1 -2021-02-11
CVE-2021-1370 Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability — Cisco IOS XR Software 7.8 -2021-02-04
CVE-2021-21289 Command Injection Vulnerability in Mechanize — mechanize 7.4 High2021-02-02
CVE-2020-12513 Pepper+Fuchs Comtrol IO-Link Master OS Command Injection — Comtrol IO-Link Master 7.5 High2021-01-22
CVE-2021-1264 Cisco DNA Center Command Runner Command Injection Vulnerability — Cisco Digital Network Architecture Center (DNA Center) 9.6 Critical2021-01-20
CVE-2020-27298 Philips Interventional Workstations OS Command Injection — Interventional Workspot 6.5 Medium2021-01-20
CVE-2021-0219 Junos OS: Command injection vulnerability in 'request system software' CLI command — Junos OS 6.7 Medium2021-01-15
CVE-2021-0218 Junos OS: Command injection vulnerability in license-check daemon — Junos OS 7.8 High2021-01-15
CVE-2020-5146 Sonicwall SMA100 操作系统命令注入漏洞 — SMA100 7.2 -2021-01-09
CVE-2020-26294 Exposure of server configuration — compiler 7.4 High2021-01-04
CVE-2020-35851 HGiga MailSherlock - Command Injection — MailSherlock MSR45/SSR45 8.1 High2020-12-31
CVE-2020-26284 Hugo can execute a binary from the current directory on Windows — hugo 7.7 High2020-12-21
CVE-2020-12522 Command Injection Vulnerability in I/O-Check Service of WAGO PFC100, PFC200 and Touch Panel 600 Series with firmware versions <=FW10 — Series PFC 100 (750-81xx/xxx-xxx) 10.0 Critical2020-12-17
CVE-2020-26274 Command Injection Vulnerability in systeminformation — systeminformation 6.4 Medium2020-12-16
CVE-2020-26259 XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling — xstream 6.8 Medium2020-12-16
CVE-2020-12148 OS Command Injection - nslookup API — ECOS 6.8 Medium2020-12-11
CVE-2020-12149 OS Command Injection - Management File Upload — ECOS 6.8 Medium2020-12-11
CVE-2020-26245 Prototype Pollution leading to Command Injection in systeminformation — systeminformation 8.1 High2020-11-27
CVE-2020-3586 Cisco DNA Spaces Connector Command Injection Vulnerability — Cisco DNA Spaces Connector 9.4 Critical2020-11-18
CVE-2020-3367 Cisco Secure Web Appliance Privilege Escalation Vulnerability — Cisco Web Security Appliance (WSA) 7.8 -2020-11-18
CVE-2020-26217 Remote Code Execution in XStream — xstream 8.0 High2020-11-16
CVE-2020-8270 多款Citrix Systems产品操作系统命令注入漏洞 — Citrix Virtual Apps and Desktops 8.8 -2020-11-16
CVE-2020-8273 Citrix Systems SD-WAN Center 操作系统命令注入漏洞 — Citrix SD-WAN Center 8.8 -2020-11-16
CVE-2020-3371 Cisco Integrated Management Controller Command Injection Vulnerability — Cisco Unified Computing System (Standalone) 6.3 Medium2020-11-06
CVE-2020-25849 Openfind MailGates/MailAudit - Command Injection — MailGates 8.8 High2020-11-01
CVE-2020-15272 Shell-injection in git-tag-annotation GitHub action — git-tag-annotation-action 8.7 High2020-10-26
CVE-2020-15271 Shell Command Execution in lookatme — lookatme 9.3 Critical2020-10-26

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2682 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.