36 matches found
CVE-2025-56111
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...
CVE-2025-56109
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...
CVE-2025-56110
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...
CVE-2025-56088
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...
EUVD-2025-202726
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...
CVE-2025-56129
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...
CVE-2025-56111
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...
CVE-2025-56109
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...
CVE-2025-56111
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...
CVE-2025-56088
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...
CVE-2025-56088
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...
CVE-2025-56088
CVE-2025-56088 affects Ruijie RG-BCR RG-BCR860. The vulnerability is an OS command injection caused by unvalidated input in the action_service endpoint at /usr/lib/lua/luci/controller/admin/service.lua, exploitable via a crafted POST request. Impact as described: arbitrary command execution with ...
CVE-2025-56129
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...
Ruijie RG-BCR 安全漏洞
Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for actiondiagnosis in the file /usr/lib/lua/luci/controller/admin/diagnosis.lua, whi...
CVE-2025-56129
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...
CVE-2025-56110
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...
CVE-2025-56110
CVE-2025-56110 describes an OS command injection affecting Ruijie RG-BCR RG-BCR860. The vulnerability arises from handling of a crafted POST request to the function at /usr/lib/lua/luci/controller/api/rcmsAPI.lua (action_deal_update), allowing an attacker to execute arbitrary commands. Reported C...
PT-2025-50678
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR860 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the action wireless endpoint...
CVE-2025-56088
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...
PT-2025-50690
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR860 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the action diagnosis endpoin...