22 matches found
CVE-2025-56096
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restartmodules in file /usr/lib/lua/luci/controller/admin/common.lua...
CVE-2025-56127
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the getwanobj in file /usr/lib/lua/luci/controller/admin/common.lua...
CVE-2025-56107
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...
EUVD-2025-202728
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...
CVE-2025-56107
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...
CVE-2025-56107
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...
CVE-2025-56127
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the getwanobj in file /usr/lib/lua/luci/controller/admin/common.lua...
PT-2025-50652
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR600W that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the chec...
PT-2025-50657
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR600W that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the run tcpdump function...
CVE-2025-56096
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restartmodules in file /usr/lib/lua/luci/controller/admin/common.lua...
Ruijie RG-BCR600W 安全漏洞
Ruijie RG-BCR600W is a commercial cloud router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR600W, which originates from an unvalidated input to the checkchanges function in the file /usr/lib/lua/luci/controller/admin/common.lua, which could lead to an OS command...
PT-2025-50676
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR600W that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the submit wifi function...
CVE-2025-56082
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the checkchanges in file /usr/lib/lua/luci/controller/admin/common.lua...
CVE-2025-56087
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...
PT-2025-50689
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR600W affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be triggered by sending a specially crafted POST request to the get wanobj function within the...
CVE-2025-56107
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...
EUVD-2025-202744
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...
CVE-2025-56087
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...
CVE-2025-56096
CVE-2025-56096 affects Ruijie RG-BCR600W devices. The issue is an OS Command Injection in the restart_modules function of /usr/lib/lua/luci/controller/admin/common.lua, exploitable via a crafted POST request. Supported by multiple sources (NVD, Red Hat, ENISA/EUVD, CNNVD, CVE listings). Base metr...
Ruijie RG-BCR 安全漏洞
Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR600W version, which originates from unvalidated input to the restartmodules function in the file /usr/lib/lua/luci/controller/admin/common.lua, which could lead to an OS...