25167 matches found
PT-2025-50677
Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the pwdmodify...
CVE-2025-56089
OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56079
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56093
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua...
CVE-2025-56120
OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...
PT-2025-50658
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be triggered by sending a specially crafted POST request to the action service within the file...
CVE-2025-56097
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...
PT-2025-50662
Name of the Vulnerable Software and Affected Versions Ruijie X30 PRO V1 X30-PRO-V1 09241521 Description An issue exists in Ruijie X30 PRO V1 X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module get function within t...
IGEL OS UMS Discovery Service Detection
Binary data igelosumsdiscoveryservicedetect.nbin...
PT-2025-50656
Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1200 versions EW 3.01B11P227 EW1200 11130208RG-EW1200 V1.00 Description An OS Command Injection issue exists in Ruijie RG-EW1200. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module ge...
Ruijie RG-EW1200 安全漏洞
Ruijie RG-EW1200 is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1200 that originates from unverified input to the moduleset function in the file /usr/local/lua/devconfig/configretain.lua, which could lead to an OS command injection attack...
CVE-2025-56130
OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleupdate in file /usr/local/lua/devconfig/acesw.lua...
CVE-2025-56113
OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP3.01B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...
EUVD-2025-202751
OS Command Injection vulnerability in Ruijie RG-RAP2200E 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56130
The CVE-2025-56130 affects Ruijie RG-S1930 series switches (S1930SWITCH_3.0(1)B11P230). AOS vulnerability: OS Command Injection via a crafted POST to the module_update endpoint in /usr/local/lua/dev_config/ace_sw.lua. Impact is arbitrary command execution with high severity (CVSS 3.1: AV:N/AC:L/P...
CVE-2025-56083
CVE-2025-56083 affects Ruijie X30-PRO with version X30-PRO-V1_09241521. The vulnerability is an OS Command Injection in the Lua file path /usr/local/lua/dev_sta/nbr_networkId_merge.lua, where unvalidated input to the module_set parameter can allow an attacker to execute arbitrary commands via a c...
CVE-2025-56088
CVE-2025-56088 affects Ruijie RG-BCR RG-BCR860. The vulnerability is an OS command injection caused by unvalidated input in the action_service endpoint at /usr/lib/lua/luci/controller/admin/service.lua, exploitable via a crafted POST request. Impact as described: arbitrary command execution with ...
CVE-2025-56122
CVE-2025-56122 affects Ruijie RG-EW1800GX PRO (B11P226_EW1800GX-PRO_10223117). The vulnerability is an OS Command Injection in the Lua module at /usr/local/lua/dev_sta/networkConnect.lua, exploitable via a crafted POST request to the module_get endpoint. CVSSv3.1 base score 8.8 (HIGH) with networ...
CVE-2025-56124
CVE-2025-56124 affects Ruijie X60 PRO routers (V1.00–V2.00). The vulnerability is an OS Command Injection in the module_get function invoked via a crafted POST to /usr/local/lua/dev_sta/networkConnect.lua, allowing an attacker to execute arbitrary commands with local privileges. Multiple sources ...
CVE-2025-56092
CVE-2025-56092 affects Ruijie X30 PRO V1 (X30-PRO-V1_09241521). The vulnerability is an OS Command Injection in the module_get function located at /usr/local/lua/dev_sta/networkConnect.lua, triggered by a crafted POST request. The CVE details indicate an attacker can execute arbitrary commands wi...