PT-2025-50656

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1200 versions EW 3.01B11P227 EW1200 11130208RG-EW1200 V1.00 Description An OS Command Injection issue exists in Ruijie RG-EW1200. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module ge...

CVE-2025-56102

CVE-2025-56102 affects Ruijie RG-EW1800GX (B11P226_EW1800GX_10223121). The vulnerability is an OS Command Injection via crafted POST to /usr/local/lua/dev_sta/networkConnect.lua: module_get, caused by unverified input. Impact per sources: arbitrary command execution with network access. Remediati...

CVE-2025-56086

CVE-2025-56086 affects Ruijie RG-EW1200 devices (EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00). The issue is an OS command injection in the module_get function inside /usr/local/lua/dev_sta/networkConnect.lua, exploitable via a crafted POST request to that path. This could allow an attacker to...

CVE-2025-56101

CVE-2025-56101 affects Ruijie M18 EW, specifically the file /usr/local/lua/dev_sta/networkConnect.lua’s module_get. The vulnerability is an OS Command Injection that can allow an attacker to execute arbitrary commands via a crafted POST request. Reported impacted version: Ruijie M18 EW_3.0(1)B11P...

EUVD-2025-202745

OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

Ruijie X30 PRO 安全漏洞

Ruijie X30 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie X30 PRO X30-PRO-V109241521 version, which originates from an unvalidated input to the moduleget function in the file /usr/local/lua/devsta/networkConnect.lua, which could lead to an OS...

PT-2025-50687

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1200G PRO versions 1.00 through 4.00 Description An OS Command Injection issue exists in Ruijie RG-EW1200G PRO. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module get function within...

CVE-2025-56123

CVE-2025-56123 affects Ruijie RG-EW1200G PRO (versions 1.00–4.00). The issue is an OS Command Injection via a crafted POST request to module_get in /usr/local/lua/dev_sta/networkConnect.lua, enabling arbitrary command execution. Root cause relates to improper handling of crafted input, leading to...

CVE-2025-56123

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

CVE-2025-56079

OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

CVE-2025-56086

OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

CVE-2025-56092

OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...