CVE-2025-56098

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

The vulnerability of the access point management function in microprogrammed software for Zyxel USG FLEX, USG FLEX 50(W), USG20(W)-VPN, ATP, and VPN allows a hacker to execute arbitrary commands.

The vulnerability of the access point management function in Zyxel USG FLEX, USG FLEX 50W, USG20W-VPN, ATP, and VPN software for network devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a...