Lucene search
K

1220 matches found

Nuclei
Nuclei
•added 10 hours ago•58 views

Ruijie RG-EW1200G Router - Password Reset

A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...

8.8CVSS6.4AI score0.47109EPSS
Exploits5References5
Nuclei
Nuclei
•added 10 hours ago•196 views

Ruijie RG-EW1200G Router Background - Login Bypass

A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to t...

8.8CVSS6.5AI score0.56147EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•29 views

Ruijie RG-NBS2009G-P - Improper Authentication

An issue in Ruijie RG-NBS2009G-P RGOS v.10.41P2 Release9736 allows a remote attacker to gain privileges via the system/configmenu.htm. id: CVE-2024-24116 info: name: Ruijie RG-NBS2009G-P - Improper Authentication author: friea severity: critical description: | An issue in Ruijie RG-NBS2009G-P RGO...

9.8CVSS6.1AI score0.28214EPSS
Exploits1References3
NVD
NVD
•added 2026/07/05 10:16 a.m.•13 views

CVE-2026-14736

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00452EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/07/05 9:45 a.m.•38 views

CVE-2026-14736 Ruijie RG-UAC user_auth_commit.php unrestricted upload

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00452EPSS
Exploits0References5
CVE
CVE
•added 2026/07/05 9:45 a.m.•22 views

CVE-2026-14736

Ruijie RG-UAC up to version 1.0-R1.8.2.p5 contains a vulnerability in an unknown function of file user_auth_commit.php. Manipulating the upload_image argument allows unrestricted file upload, enabling remote exploitation. The vulnerability is publicly disclosed and could be used by attackers. No ...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/05 9:45 a.m.•7 views

CVE-2026-14736

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
EUVD
EUVD
•added 2026/07/05 9:45 a.m.•7 views

EUVD-2026-41744

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
EUVD
EUVD
•added 2026/06/15 12:31 a.m.•13 views

EUVD-2026-36673

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS7AI score0.02385EPSS
Exploits0References6
NVD
NVD
•added 2026/06/15 12:16 a.m.•18 views

CVE-2026-12197

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS0.02385EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/14 11:45 p.m.•39 views

CVE-2026-12197 Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS0.02385EPSS
Exploits0References5
Vulnrichment
Vulnrichment
•added 2026/06/14 11:45 p.m.•10 views

CVE-2026-12197 Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS6.9AI score0.02385EPSS
Exploits0References5
CVE
CVE
•added 2026/06/14 11:45 p.m.•28 views

CVE-2026-12197

The CVE-2026-12197 affects Ruijie EG105G-P (firmware 2.340). The issue resides in the nslookup function of /cgi-bin/luci/api/diagnose (JSON-RPC Diagnose Endpoint), where manipulating the params.target argument leads to command injection. It enables remote initiation of an attack, with an exploit ...

8.6CVSS7AI score0.02385EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2026/06/14 12:0 a.m.•16 views

PT-2026-49148

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS5.3AI score0.02385EPSS
Exploits0References6
NVD
NVD
•added 2026/01/29 3:16 p.m.•19 views

CVE-2020-37015

The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...

7.5CVSS0.00619EPSS
Exploits0References4
EUVD
EUVD
•added 2026/01/29 2:28 p.m.•4 views

EUVD-2020-30919

Ruijie Networks Switch eWeb S29RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve system...

7.5CVSS5.9AI score0.00619EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/01/29 2:28 p.m.•4 views

CVE-2020-37015

The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...

7.5CVSS7.3AI score0.00619EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/01/29 2:28 p.m.•26 views

CVE-2020-37015 Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal

The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...

7.5CVSS0.00619EPSS
Exploits0References4
CVE
CVE
•added 2026/01/29 2:28 p.m.•13 views

CVE-2020-37015

CVE-2020-37015 affects Ruijie Networks Switch eWeb S29_RGOS 11.4. The vulnerability is a directory traversal in the web interface where an unauthenticated user can manipulate the file path on the /download.do endpoint using ’../’ sequences to retrieve sensitive configuration files that may contai...

7.5CVSS7.3AI score0.00619EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 2026/01/29 2:28 p.m.•2 views

CVE-2020-37015 Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal

The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...

7.5CVSS7.3AI score0.00619EPSS
Exploits0References4
Rows per page
Query Builder