Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36 matches found

RedhatCVE
RedhatCVEadded 2025/12/12 1:6 a.m.5 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS7.9AI score0.02666EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/12 1:6 a.m.4 views

CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

8.8CVSS7.9AI score0.02666EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/12 1:6 a.m.4 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

8.8CVSS7.9AI score0.03121EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/12 1:6 a.m.5 views

CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

8.8CVSS7.9AI score0.02666EPSS
Exploits1References1
EUVD
EUVDadded 2025/12/11 9:31 p.m.4 views

EUVD-2025-202726

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

7.3AI score0.02666EPSS
Exploits1References4
OSV
OSVadded 2025/12/11 7:15 p.m.3 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

8.8CVSS6AI score0.02308EPSS
Exploits1References3
OSV
OSVadded 2025/12/11 7:15 p.m.3 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS6.1AI score0.02666EPSS
Exploits1References3
NVD
NVDadded 2025/12/11 7:15 p.m.9 views

CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

8.8CVSS0.02666EPSS
Exploits1References3
NVD
NVDadded 2025/12/11 7:15 p.m.4 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS0.02666EPSS
Exploits1References3
NVD
NVDadded 2025/12/11 6:16 p.m.4 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

8.8CVSS0.03121EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/11 12:0 a.m.30 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

0.03121EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/12/11 12:0 a.m.5 views

PT-2025-50678

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR860 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the action wireless endpoint...

8.8CVSS7.2AI score0.02666EPSS
Exploits1References5
CVE
CVEadded 2025/12/11 12:0 a.m.18 views

CVE-2025-56129

Summary: CVE-2025-56129 is an OS command injection in Ruijie RG-BCR RG-BCR860. The issue occurs when processing a crafted POST to /usr/lib/lua/luci/controller/admin/diagnosis.lua (diagnosis action), enabling arbitrary command execution. The Red Hat, EUVD ENISA, NVD, CNNVD, and CVE sources corrobo...

8.8CVSS7.5AI score0.02308EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2025/12/11 12:0 a.m.13 views

CVE-2025-56110

CVE-2025-56110 describes an OS command injection affecting Ruijie RG-BCR RG-BCR860. The vulnerability arises from handling of a crafted POST request to the function at /usr/lib/lua/luci/controller/api/rcmsAPI.lua (action_deal_update), allowing an attacker to execute arbitrary commands. Reported C...

8.8CVSS7.5AI score0.02666EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2025/12/11 12:0 a.m.18 views

CVE-2025-56109

CVE-2025-56109: OS Command Injection in Ruijie RG-BCR RG-BCR860. A crafted POST to /usr/lib/lua/luci/control/admin/wireless.lua (action_wireless) can execute arbitrary OS commands. CVSSv3.1: 8.8 (HIGH) with network attack vector, low attack complexity, low privileges required, no user interaction...

8.8CVSS7.5AI score0.02666EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2025/12/11 12:0 a.m.11 views

CVE-2025-56088

CVE-2025-56088 affects Ruijie RG-BCR RG-BCR860. The vulnerability is an OS command injection caused by unvalidated input in the action_service endpoint at /usr/lib/lua/luci/controller/admin/service.lua, exploitable via a crafted POST request. Impact as described: arbitrary command execution with ...

8.8CVSS7.5AI score0.03121EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/12/11 12:0 a.m.5 views

PT-2025-50680

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the...

8.8CVSS7.3AI score0.02666EPSS
Exploits1References6
CNNVD
CNNVDadded 2025/12/11 12:0 a.m.5 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for actiondiagnosis in the file /usr/lib/lua/luci/controller/admin/diagnosis.lua, whi...

8.8CVSS6.9AI score0.02308EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/11 12:0 a.m.28 views

CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

0.02666EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/11 12:0 a.m.20 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

0.02308EPSS
Exploits1References3
Rows per page
Query Builder