CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) — Vulnerability Class, 382 CVEs

382 vulnerabilities are classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')). AI Chinese analysis included.

CWE-74 is a critical input-handling weakness: software builds a command, data structure, or record from externally influenced input without neutralizing the special elements that the downstream component treats as syntax. An attacker who controls that input can inject syntax that changes how the downstream component parses the result, with consequences ranging from unauthorized command execution to data manipulation and full system compromise. The typical trigger is user-supplied data concatenated directly into a query, command line, or protocol message without sanitization. The defence has two parts: validate all external input strictly against its expected format, and, where the data must reach a parser, use parameterized queries, safe APIs that do not re-parse their arguments, or encoding specific to the output context, so that special characters arrive as literal data rather than as instructions.

MITRE CWE Description
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Common Consequences (5)
Confidentiality: Read Application Data
Many injection attacks involve the disclosure of important information -- in terms of both data sensitivity and usefulness in further exploitation.
Access Control: Bypass Protection Mechanism
In some cases, injectable code controls authentication; this may lead to a remote vulnerability.
Other: Alter Execution Logic
Injection attacks are characterized by the ability to significantly change the flow of a given process, and in some cases, to the execution of arbitrary code.
Integrity, Other: Other
Data injection attacks lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing.
Non-Repudiation: Hide Activities
Often the actions performed by injected control code are unlogged.
Mitigations (2)
Requirements: Programming languages and supporting technologies might be chosen which are not subject to these issues.
Implementation: Utilize an appropriate mix of allowlist and denylist parsing to filter control-plane syntax from all input.
Examples (2)
This example code intends to take the name of a user and list the contents of that user's home directory. It is subject to the first variant of OS command injection.
Bad · PHP
<?php
// The POST field is concatenated straight into a command line that a shell will parse.
$userName = $_POST["user"];
$command = 'ls -l /home/' . $userName;
system($command);

Attack (value of the "user" field):
;rm -rf /
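The same listing written the way the mitigations above recommend, as an added example that is not part of the MITRE text or the PHP snippet. It is Python rather than PHP so the two controls are visible side by side: an allowlist for the "user" field (the account-name pattern is an assumption for this example) and an argument vector handed to the OS without a shell, so that a value like the attack string stays literal. `naive_command` only reproduces the page's string construction for contrast and is never executed; `demo` builds a constructed home directory under a temp dir so the listing runs offline.

```python
from __future__ import annotations

import re
import subprocess
import tempfile
from pathlib import Path

# Allowlist for the "user" field (assumption: a POSIX-style account name).
# Such a name can never contain a shell metacharacter, a path separator or a
# leading "/", which also keeps Path joining below from escaping base_dir.
USERNAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")


def validate_username(user: str) -> str:
    """Return the name unchanged if it matches the allowlist, else raise."""
    if not USERNAME_RE.fullmatch(user):
        raise ValueError(f"rejected username: {user!r}")
    return user


def is_rejected(user: str) -> bool:
    """True when the allowlist refuses the value (useful for tests and logging)."""
    try:
        validate_username(user)
    except ValueError:
        return True
    return False


def naive_command(user: str) -> str:
    """The page's PHP construction transcribed: untrusted text glued onto a
    command line that a shell would parse. Shown for contrast only; nothing
    in this module executes the returned string."""
    return "ls -l /home/" + user


def build_argv(user: str, base_dir: str = "/home") -> list[str]:
    """Build an argument vector instead of a command string.

    Two independent controls: the allowlist, and passing arguments to the OS
    directly (no shell), so ';' and friends would stay literal even if the
    validation were ever weakened.
    """
    return ["ls", "-l", str(Path(base_dir) / validate_username(user))]


def list_home(user: str, base_dir: str = "/home") -> str:
    """Run the listing without a shell and return its stdout."""
    completed = subprocess.run(
        build_argv(user, base_dir), capture_output=True, text=True, check=True
    )
    return completed.stdout


def demo() -> str:
    """Self-contained run on a constructed home directory under a temp dir."""
    base = Path(tempfile.mkdtemp())
    (base / "alice").mkdir()
    (base / "alice" / "report.txt").write_text("constructed sample file\n")
    return list_home("alice", str(base))


if __name__ == "__main__":
    print(naive_command(";rm -rf /"))   # what the shell would have received
    print(is_rejected(";rm -rf /"))     # True: the allowlist stops it first
    print(demo())
```

The allowlist is the control that rejects the attack string outright; the argv list is the control that would still hold if the allowlist were loosened, because no shell ever parses the value. Keeping both is the "appropriate mix" the Implementation mitigation describes.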
The following code segment reads the name of the author of a weblog entry, author, from an HTTP request and sets it in a cookie header of an HTTP response.
Bad · Java
// The request parameter is copied into a response header without neutralizing CR/LF.
String author = request.getParameter(AUTHOR_PARAM);
...
Cookie cookie = new Cookie("author", author);
cookie.setMaxAge(cookieExpiration);
response.addCookie(cookie);

Result (for an author value of "Jane Smith"):
HTTP/1.1 200 OK
...
Set-Cookie: author=Jane Smith
...
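An added example, not part of the MITRE text or the Java snippet, showing why the cookie header above is an output-context problem and how context-specific encoding closes it. `naive_set_cookie_header` transcribes the page's pattern in Python for contrast; `set_cookie_header` checks the name against the HTTP token grammar and percent-encodes the value down to the cookie-octet set of RFC 6265 (both character classes are transcribed from the RFCs for this example), so a CR LF inside the value can no longer end the header line. The two author values are constructed inputs; `count_header_lines` is a helper written here to show how many header lines a receiver would see.

```python
import re
from urllib.parse import quote

# RFC 7230 token characters (header field names) and, for cookie values, the
# RFC 6265 cookie-octets that quote() would otherwise escape. '%' is left out
# of the safe set on purpose so that decoding stays unambiguous.
TOKEN_RE = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
COOKIE_SAFE = "!#$&'()*+/:<=>?@[]^`{|}"

# Constructed inputs for the demonstration.
NORMAL_AUTHOR = "Jane Smith"
CRLF_AUTHOR = "Jane\r\nX-Injected: 1"


def naive_set_cookie_header(name: str, value: str) -> str:
    """The page's Java pattern transcribed: the request value lands in the
    header unchanged, so a CR LF inside it terminates the header line early."""
    return f"Set-Cookie: {name}={value}"


def is_valid_cookie_name(name: str) -> bool:
    """Cookie names are HTTP tokens: no separators, whitespace or controls."""
    return TOKEN_RE.fullmatch(name) is not None


def is_safe_header_value(value: str) -> bool:
    """Reject CR, LF and NUL, the characters that end or corrupt a header line."""
    return not any(ch in value for ch in "\r\n\x00")


def encode_cookie_value(value: str) -> str:
    """Context-specific encoding for the cookie-value position."""
    return quote(value, safe=COOKIE_SAFE)


def set_cookie_header(name: str, value: str) -> str:
    """Validate the name, encode the value, and double-check the result."""
    if not is_valid_cookie_name(name):
        raise ValueError(f"invalid cookie name: {name!r}")
    encoded = encode_cookie_value(value)
    if not is_safe_header_value(encoded):   # defence in depth; never expected to fire
        raise RuntimeError("encoder left a control character in a header value")
    return f"Set-Cookie: {name}={encoded}"


def count_header_lines(header: str) -> int:
    """Number of header lines a receiver would parse out of one logical header."""
    return len([line for line in header.split("\r\n") if line])


if __name__ == "__main__":
    print(repr(naive_set_cookie_header("author", CRLF_AUTHOR)))  # two lines on the wire
    print(repr(set_cookie_header("author", CRLF_AUTHOR)))        # one line, CR LF encoded
    print(set_cookie_header("author", NORMAL_AUTHOR))
```

The encoded form of "Jane Smith" is `author=Jane%20Smith`, which a browser sends back unchanged and the application decodes; the application therefore owns both the encoding and the decoding of the value, and the HTTP layer never sees a byte it could interpret as a line break.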
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2023-6004 | Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname | Red Hat Enterprise Linux 8 | 4.8 | Medium | 2024-01-03
CVE-2024-21623 | Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets | otclient | 9.8 | Critical | 2024-01-02
CVE-2023-7114 | Mattermost security vulnerability | Mattermost | 7.1 | High | 2023-12-29
CVE-2023-7039 | Byzoro S210 importexport.php injection | S210 | 6.3 | Medium | 2023-12-21
CVE-2023-46726 | GLPI Remote code execution from LDAP server configuration form on PHP 7.4 | glpi | 7.2 | High | 2023-12-13
CVE-2023-6458 | Client side path traversal due to lack of route parameters validation | Mattermost | 7.1 | High | 2023-12-06
CVE-2023-35075 | HTML injection via channel autocomplete | Mattermost | 3.1 | Low | 2023-11-27
CVE-2023-6164 | MainWP Dashboard <= 4.5.1.2 - Authenticated(Administrator+) CSS Injection | MainWP Dashboard: Self-hosted WordPress Management for Agencies | 2.2 | Low | 2023-11-22
CVE-2023-44373 | Siemens multiple products security vulnerability | RUGGEDCOM RM1224 LTE(4G) EU | 9.1 | Critical | 2023-11-14
CVE-2023-47119 | HTML injection in oneboxed links | discourse | 5.3 | Medium | 2023-11-10
CVE-2017-20187 | Magnesium-PHP Base.php formatEmailString injection | Magnesium-PHP | 3.5 | Low | 2023-11-05
CVE-2023-43667 | Apache InLong: Log Injection in Global functions | Apache InLong | 5.3 | - | 2023-10-16
CVE-2023-44109 | Huawei HarmonyOS security vulnerability | HarmonyOS | 7.5 | - | 2023-10-11
CVE-2022-4145 | Content spoofing | openshift | 4.3 | Medium | 2023-10-05
CVE-2023-3665 | Trellix Endpoint Security code injection vulnerability | Trellix Endpoint Security | 5.5 | Medium | 2023-10-04
CVE-2023-43655 | Remote Code Execution via web-accessible composer.phar | composer | 6.4 | Medium | 2023-09-29
CVE-2023-43656 | Sandbox escape for instances that have enabled transformation functions in matrix-hookshot | matrix-hookshot | 5.6 | Medium | 2023-09-27
CVE-2022-3962 | Kiali: error message spoofing in kiali ui | Red Hat OpenShift Service Mesh 2.3 for RHEL 8 | 4.3 | Medium | 2023-09-23
CVE-2023-4843 | Pegasystem PEGA Platform cross-site scripting vulnerability | Pega Platform | 4.3 | Medium | 2023-09-08
CVE-2023-39424 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in RDPngFileUpload.dll | IRM Next Generation | 9.9 | Critical | 2023-09-07
CVE-2023-41039 | Sandbox escape via various forms of "format" in RestrictedPython | RestrictedPython | 8.3 | High | 2023-08-30
CVE-2023-4478 | Parameter tampering in the registration resulting in blocked accounts to be created | Mattermost | 4.3 | Medium | 2023-08-25
CVE-2023-40035 | Craft CMS vulnerable to Remote Code Execution via validatePath bypass | cms | 7.2 | High | 2023-08-23
CVE-2023-4212 | Trane Thermostats Injection | XL824 Thermostat | 6.8 | Medium | 2023-08-22
CVE-2023-4450 | jeecgboot JimuReport Template injection | JimuReport | 6.3 | Medium | 2023-08-21
CVE-2023-4157 | Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s | omeka/omeka-s | 5.2 | Medium | 2023-08-04
CVE-2023-37897 | Server-side Template Injection (SSTI) in grav | grav | 7.2 | High | 2023-07-18
CVE-2023-37462 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui | xwiki-platform | 10.0 | Critical | 2023-07-14
CVE-2023-37473 | Limited code execution in zenstruck/collections | collection | 8.6 | High | 2023-07-14
CVE-2023-36830 | SQLFluff vulnerability for users with access to config file, using `library_path` to call arbitrary python code. | sqlfluff | 6.3 | Medium | 2023-07-06

Vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) account for 382 CVEs. The CWE taxonomy describes the weakness class; review the individual CVEs for product-specific impact.