CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')) — Vulnerability Class 106

106 vulnerabilities classified as CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')). AI Chinese analysis included.

CWE-95 represents a critical code injection vulnerability where software fails to properly sanitize user-supplied input before passing it to a dynamic evaluation function, such as JavaScript’s eval(). Attackers typically exploit this weakness by injecting malicious code snippets into the input stream, which the application then executes with the privileges of the running process. This can lead to complete system compromise, data exfiltration, or unauthorized administrative actions. To mitigate this risk, developers must strictly avoid using dynamic code execution functions whenever possible, opting instead for safer alternatives like JSON parsing or predefined function mappings. When dynamic evaluation is unavoidable, rigorous input validation and strict whitelisting of allowed characters are essential to ensure that only safe, expected data structures are processed, thereby neutralizing potential injection vectors before they reach the interpreter.

MITRE CWE Description
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Common Consequences (5)
Scope: Confidentiality. Impact: Read Files or Directories, Read Application Data.
The injected code could access restricted data / files.

Scope: Access Control. Impact: Bypass Protection Mechanism.
In some cases, injectable code controls authentication; this may lead to a remote vulnerability.

Scope: Access Control. Impact: Gain Privileges or Assume Identity.
Injected code can access resources that the attacker is directly prevented from accessing.

Scope: Integrity, Confidentiality, Availability, Other. Impact: Execute Unauthorized Code or Commands.
Code injection attacks can lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing. Additionally, code injection can often result in the execution of arbitrary code or at least modify what code can be executed.

Scope: Non-Repudiation. Impact: Hide Activities.
Often the actions performed by injected control code are unlogged.
Mitigations (4)
Phase: Architecture and Design, Implementation. If possible, refactor your code so that it does not need to use eval() at all.

Phase: Implementation. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…

Phase: Implementation. Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180, CWE-181). Make sure that your application does not inadvertently decode the same input twice (CWE-174). Such errors could be used to bypass allowlist schemes by introducing dangerous inputs after they have been checked. Use libraries such as the OWASP ESAPI Canonicalizat…

Phase: Implementation. For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the Python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
Effectiveness: Discouraged Common Practice
Examples (2)
edit-config.pl: This CGI script is used to modify settings in a configuration file.

```perl
use CGI qw(:standard);

sub config_file_add_key {
  my ($fname, $key, $arg) = @_;
  # code to add a field/key to a file goes here
}

sub config_file_set_key {
  my ($fname, $key, $arg) = @_;
  # code to set key to a particular file goes here
}

sub config_file_delete_key {
  my ($fname, $key, $arg) = @_;
  # code to delete key from a particular file goes here
}

sub handleConfigAction {
  my ($fname, $action) = @_;
  my $key = param('key');
  my $val = param('val');

  # this is super-efficient code, especially if you have to invoke
  # any one of dozens of different functions!
  my $code = "config_file_$action_key(\$fnam
```
Bad · Perl

Attack input:
add_key(",","); system("/bin/ls");
This simple python3 script asks a user to supply a comma-separated list of numbers as input and adds them together.

```python
def main():
    sum = 0
    try:
        numbers = eval(input("Enter a comma-separated list of numbers: "))
    except SyntaxError:
        print("Error: invalid input")
        return
    for num in numbers:
        sum = sum + num
    print(f"Sum of {numbers} = {sum}")

main()
```
Bad · Python

Attack input:
__import__('subprocess').getoutput('rm -r *')
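A hardened replacement for the number-summing script above, added here as an example (it is not code from this page or from MITRE). It applies the "accept known good" mitigation with an explicit parser so eval() is never reached, and shows the ast.literal_eval() fallback from the mitigations list with the type check and input cap it still needs; MAX_INPUT_LEN and the function names are this example's own choices.

```python
import ast
import re

MAX_INPUT_LEN = 4096  # assumption: cap untrusted input before any parsing

# Allowlist for "accept known good": decimal numbers (optional sign, optional
# fraction) separated by commas. Exponents, hex, names, calls and brackets
# all fail to match and are rejected before anything interprets them.
_NUMBER_LIST = re.compile(r"[-+]?\d+(?:\.\d+)?(?:\s*,\s*[-+]?\d+(?:\.\d+)?)*")


def parse_numbers(text: str) -> list[float]:
    """Parse a comma-separated list of numbers with no dynamic evaluation."""
    if len(text) > MAX_INPUT_LEN:
        raise ValueError("input too long")
    stripped = text.strip()
    if not _NUMBER_LIST.fullmatch(stripped):
        raise ValueError("input is not a comma-separated list of numbers")
    return [float(tok) for tok in stripped.split(",")]


def sum_numbers(text: str) -> float:
    """Same job as the page's main(), but eval() is never reached."""
    return sum(parse_numbers(text))


def numbers_via_literal_eval(text: str) -> list[float]:
    """Fallback using ast.literal_eval. It never executes code, but it still
    accepts any Python literal (dicts, strings, nested lists), so the result
    must be type-checked; the length cap bounds the nested-literal resource
    exhaustion the CWE text warns about."""
    if len(text) > MAX_INPUT_LEN:
        raise ValueError("input too long")
    try:
        value = ast.literal_eval(text)
    except (ValueError, SyntaxError, RecursionError, MemoryError) as exc:
        raise ValueError("input is not a plain literal") from exc
    items = value if isinstance(value, (list, tuple)) else (value,)
    for item in items:
        if isinstance(item, bool) or not isinstance(item, (int, float)):
            raise ValueError("list element is not a number")
    return [float(item) for item in items]


if __name__ == "__main__":
    # Constructed sample inputs: a benign list and the payload the page shows.
    for sample in ("1, 2.5, -3", "__import__('subprocess').getoutput('rm -r *')"):
        try:
            print(sample, "->", sum_numbers(sample))
        except ValueError as err:
            print(sample, "-> rejected:", err)
```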
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2025-55727 | XWiki Remote Macros vulnerable to remote code execution from width parameter in the column macro | xwiki-pro-macros | 10.0 | Critical | 2025-09-09
CVE-2025-58365 | XWiki Blog Application: Privilege Escalation (PR) from account through blog content | application-blog | 8.8 (AI) | High (AI) | 2025-09-08
CVE-2025-8420 | Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | 8.1 | High | 2025-08-06
CVE-2013-10070 | PHP-Charts v1.0 PHP Code Execution | PHP-Charts | 9.8 (AI) | Critical (AI) | 2025-08-05
CVE-2013-10051 | InstantCMS <= 1.6 Remote PHP Code Execution | InstantCMS | 9.8 | - | 2025-08-01
CVE-2025-3753 | Unsafe use of eval() method in rosbag tool | Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-41921 | Unsafe use of eval() method in rostopic echo tool | Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-41148 | Unsafe use of eval() method in rostopic hz tool | Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-39835 | Unsafe use of eval() method in roslaunch tool | Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-39289 | Unsafe use of eval() method in rosparam tool | Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2025-6101 | letta-ai letta interface.py function_message eval injection | letta | 5.5 | Medium | 2025-06-16
CVE-2025-49598 | conda-forge-ci-setup Allows Arbitrary Code Execution via Insecure Version Parsing | conda-forge-ci-setup-feedstock | 9.8 (AI) | Critical (AI) | 2025-06-13
CVE-2025-4318 | Input validation issue in AWS Amplify Studio UI component properties | Amplify Studio | 6.4 (AI) | Medium (AI) | 2025-05-05
CVE-2025-32435 | Hydra no restricted eval after nix-eval-jobs migration | hydra | 2.6 | Low | 2025-04-15
CVE-2025-27603 | XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations | application-confluence-migrator-pro | 9.1 | Critical | 2025-03-07
CVE-2025-24893 | Remote code execution as guest via SolrSearchMacros request in xwiki | xwiki-platform | 9.8 | Critical | 2025-02-20
CVE-2025-0868 | Remote Code Execution in DocsGPT | DocsGPT | 9.8 | - | 2025-02-20
CVE-2024-10633 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated Arbitrary Shortcode Execution via content | Quiz Maker Developer | 7.3 | High | 2025-01-26
CVE-2024-8512 | W3SPEEDSTER <= 7.26 - Authenticated (Administrator+) Remote Code Execution | W3SPEEDSTER | 9.1 | Critical | 2024-10-30
CVE-2024-45858 | Guardrails security vulnerability | guardrails | 7.8 | High | 2024-09-18
CVE-2024-45851 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45850 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45849 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45848 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45847 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45846 | MindsDB security vulnerability | mindsdb | 8.8 | High | 2024-09-12
CVE-2024-27321 | Autolabel security vulnerability | autolabel | 7.8 | High | 2024-09-12
CVE-2024-27320 | Autolabel security vulnerability | autolabel | 7.8 | High | 2024-09-12
CVE-2024-7954 | SPIP porte_plume Plugin Arbitrary PHP Execution | SPIP | 9.8 | Critical | 2024-08-23
CVE-2024-43404 | Remote Code Execution Vulnerability in MEGABOT | MEGABOT | 9.8 | Critical | 2024-08-20

Vulnerabilities classified as CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')) represent 106 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.