CWE-77

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:category Software weakness
gptkbp:consequence Privilege escalation
Data loss
System compromise
Execution of arbitrary commands
gptkbp:describes Improper neutralization of special elements used in an OS command
gptkbp:documentedIn gptkb:MITRE
gptkbp:externalLink https://cwe.mitre.org/data/definitions/77.html
https://www.w3.org/2000/01/rdf-schema#label CWE-77
gptkbp:mitigatedBy Input validation
Use of safe APIs
Command whitelisting
Escaping special characters
gptkbp:name Improper Neutralization of Special Elements used in a Command ('Command Injection')
gptkbp:partOf gptkb:CWE
gptkbp:relatedTo Command injection
gptkbp:usedIn Software security
gptkbp:vulnerableTo 77
gptkbp:bfsParent gptkb:CVE-2022-25075
gptkb:CVE-2022-30525
gptkb:CVE-2023-35708
gptkbp:bfsLayer 7