目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CWE-94 对生成代码的控制不恰当(代码注入) 类漏洞列表 1417

CWE-94 对生成代码的控制不恰当(代码注入) 类弱点 1417 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-94 指代码注入漏洞,属于输入验证缺陷。攻击者通过向程序提供恶意构造的外部输入,利用未正确过滤的特殊字符或代码片段,篡改预期代码逻辑或注入可执行指令,从而劫持系统控制权。开发者应避免直接拼接用户输入,采用白名单验证机制,并使用参数化查询或沙箱环境隔离执行上下文,确保输入数据的合法性与安全性,从根本上阻断恶意代码的注入路径。

MITRE CWE 官方描述
CWE:CWE-94 代码生成控制不当('Code Injection') 英文:产品使用来自上游组件的外部影响输入来构建代码段的全部或部分内容,但未对可能修改预期代码段语法或行为的特殊元素进行中和,或中和不正确。
常见影响 (4)
Access ControlBypass Protection Mechanism
In some cases, injectable code controls authentication; this may lead to a remote vulnerability.
Access ControlGain Privileges or Assume Identity
Injected code can access resources that the attacker is directly prevented from accessing.
Integrity, Confidentiality, AvailabilityExecute Unauthorized Code or Commands
When a product allows a user's input to contain code syntax, it might be possible for an attacker to craft the code in such a way that it will alter the intended control flow of the product. As a result, code injection can often result in the execution of arbitrary code. Code injection attacks can…
Non-RepudiationHide Activities
Often the actions performed by injected control code are unlogged.
缓解措施 (5)
Architecture and DesignRefactor your program so that you do not have to dynamically generate code.
Architecture and DesignRun your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which code can be executed by your product. Examples include the Unix chroot jail and AppArmor. In general, managed code may provide some protection. This may not be a feasible solution, and it only limits the impact to the operating s…
ImplementationAssume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
TestingUse dynamic tools and techniques that interact with the product using large test suites with many diverse inputs, such as fuzz testing (fuzzing), robustness testing, and fault injection. The product's operation may slow down, but it should not become unstable, crash, or generate incorrect results.
OperationRun the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
代码示例 (2)
This example attempts to write user messages to a message file and allow users to view them.
$MessageFile = "messages.out"; if ($_GET["action"] == "NewMessage") { $name = $_GET["name"]; $message = $_GET["message"]; $handle = fopen($MessageFile, "a+"); fwrite($handle, "<b>$name</b> says '$message'<hr>\n"); fclose($handle); echo "Message Saved!<p>\n"; } else if ($_GET["action"] == "ViewMessages") { include($MessageFile); }
Bad · PHP
name=h4x0r message=%3C?php%20system(%22/bin/ls%20-l%22);?%3E
Attack
edit-config.pl: This CGI script is used to modify settings in a configuration file.
use CGI qw(:standard); sub config_file_add_key { my ($fname, $key, $arg) = @_; # code to add a field/key to a file goes here } sub config_file_set_key { my ($fname, $key, $arg) = @_; # code to set key to a particular file goes here } sub config_file_delete_key { my ($fname, $key, $arg) = @_; # code to delete key from a particular file goes here } sub handleConfigAction { my ($fname, $action) = @_; my $key = param('key'); my $val = param('val'); # this is super-efficient code, especially if you have to invoke # any one of dozens of different functions! my $code = "config_file_$action_key(\$fnam
Bad · Perl
add_key(",","); system("/bin/ls");
Attack
CVE ID标题CVSS风险等级Published
CVE-2026-8633 IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 代码注入漏洞 — Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 9.8 Critical2026-05-26
CVE-2026-8855 IBM HTTP Server 代码注入漏洞 — HTTP Server 8.1 High2026-05-26
CVE-2026-42785 OpenKM 代码注入漏洞 — OpenKM Community Edition 7.2 High2026-05-26
CVE-2026-24937 WordPress plugin Broadcast Live Video 代码注入漏洞 — Broadcast Live Video 7.2 High2026-05-25
CVE-2018-25357 Dolibarr ERP CRM 代码注入漏洞 — Dolibarr ERP CRM 9.8 Critical2026-05-23
CVE-2026-9302 vps-inventory-monitoring 代码注入漏洞 — vps-inventory-monitoring 6.3 Medium2026-05-23
CVE-2026-41149 Mermaid 安全漏洞 — mermaid--2026-05-22
CVE-2026-41148 Mermaid 代码注入漏洞 — mermaid--2026-05-22
CVE-2026-8467 PhoenixStorybook 代码注入漏洞 — phoenix_storybook--2026-05-20
CVE-2026-22314 Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 代码注入漏洞 — Meona Client Launcher Component 9.0 Critical2026-05-20
CVE-2026-2586 Eclipse Glassfish 代码注入漏洞 — Eclipse Glassfish 9.1 Critical2026-05-19
CVE-2026-46586 Apache OFBiz 代码注入漏洞 — Apache OFBiz--2026-05-19
CVE-2026-35086 Apache OFBiz 代码注入漏洞 — Apache OFBiz--2026-05-19
CVE-2026-8838 Amazon Redshift Python Connector 代码注入漏洞 — Amazon Redshift connector for Python 9.8 Critical2026-05-18
CVE-2026-45829 chroma 代码注入漏洞 — ChromaDB--2026-05-18
CVE-2026-6902 Perforce P4 代码注入漏洞 — P4 (Helix Core)--2026-05-18
CVE-2018-25320 ACL Analytics 代码注入漏洞 — ACL Analytics 9.8 Critical2026-05-17
CVE-2021-47952 Jsonpickle 代码注入漏洞 — python jsonpickle 9.8 Critical2026-05-16
CVE-2021-47964 Schlix CMS 代码注入漏洞 — Schlix CMS 8.8 High2026-05-15
CVE-2026-44717 MCP Calculate Server 代码注入漏洞 — mcp_calculate_server 9.8 Critical2026-05-15
CVE-2026-41258 OpenMRS 代码注入漏洞 — openmrs-core 9.1 Critical2026-05-15
CVE-2026-35194 Apache Flink 代码注入漏洞 — Apache Flink--2026-05-15
CVE-2026-8539 Google Chrome 代码注入漏洞 — Chrome--2026-05-14
CVE-2026-8634 Crabbox 代码注入漏洞 — crabbox 9.1 Critical2026-05-14
CVE-2025-15024 Yordam Library Automation System 代码注入漏洞 — Library Automation System 8.8 High2026-05-14
CVE-2026-42555 Valtimo 代码注入漏洞 — valtimo 9.1 Critical2026-05-14
CVE-2026-44827 diffusers 代码注入漏洞 — diffusers 8.8 High2026-05-14
CVE-2026-44513 diffusers 代码注入漏洞 — diffusers 8.8 High2026-05-14
CVE-2025-12669 GitLab 代码注入漏洞 — GitLab 5.4 Medium2026-05-14
CVE-2026-45708 CubeCart 代码注入漏洞 — v6 7.2 High2026-05-13

CWE-94(对生成代码的控制不恰当(代码注入)) 是常见的弱点类别,本平台收录该类弱点关联的 1417 条 CVE 漏洞。