1220 matches found
Ruijie RG-EW1200G Router - Password Reset
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...
Ruijie RG-EW1200G Router Background - Login Bypass
A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to t...
Ruijie RG-NBS2009G-P - Improper Authentication
An issue in Ruijie RG-NBS2009G-P RGOS v.10.41P2 Release9736 allows a remote attacker to gain privileges via the system/configmenu.htm. id: CVE-2024-24116 info: name: Ruijie RG-NBS2009G-P - Improper Authentication author: friea severity: critical description: | An issue in Ruijie RG-NBS2009G-P RGO...
CVE-2026-14736
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-14736 Ruijie RG-UAC user_auth_commit.php unrestricted upload
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-14736
Ruijie RG-UAC up to version 1.0-R1.8.2.p5 contains a vulnerability in an unknown function of file user_auth_commit.php. Manipulating the upload_image argument allows unrestricted file upload, enabling remote exploitation. The vulnerability is publicly disclosed and could be used by attackers. No ...
CVE-2026-14736
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2026-41744
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2026-36673
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...
CVE-2026-12197
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...
CVE-2026-12197 Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...
CVE-2026-12197 Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...
CVE-2026-12197
The CVE-2026-12197 affects Ruijie EG105G-P (firmware 2.340). The issue resides in the nslookup function of /cgi-bin/luci/api/diagnose (JSON-RPC Diagnose Endpoint), where manipulating the params.target argument leads to command injection. It enables remote initiation of an attack, with an exploit ...
PT-2026-49148
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...
CVE-2020-37015
The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...
EUVD-2020-30919
Ruijie Networks Switch eWeb S29RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve system...
CVE-2020-37015
The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...
CVE-2020-37015 Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...
CVE-2020-37015
CVE-2020-37015 affects Ruijie Networks Switch eWeb S29_RGOS 11.4. The vulnerability is a directory traversal in the web interface where an unauthenticated user can manipulate the file path on the /download.do endpoint using â../â sequences to retrieve sensitive configuration files that may contai...
CVE-2020-37015 Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...