Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Software weakness
|
| gptkbp:consequence |
Privilege escalation
Data loss System compromise Execution of arbitrary commands |
| gptkbp:describes |
Improper neutralization of special elements used in an OS command
|
| gptkbp:documentedIn |
gptkb:MITRE
|
| gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/77.html
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-77
|
| gptkbp:mitigatedBy |
Input validation
Use of safe APIs Command whitelisting Escaping special characters |
| gptkbp:name |
Improper Neutralization of Special Elements used in a Command ('Command Injection')
|
| gptkbp:partOf |
gptkb:CWE
|
| gptkbp:relatedTo |
Command injection
|
| gptkbp:usedIn |
Software security
|
| gptkbp:vulnerableTo |
77
|
| gptkbp:bfsParent |
gptkb:CVE-2022-25075
gptkb:CVE-2022-30525 gptkb:CVE-2023-35708 |
| gptkbp:bfsLayer |
7
|