Lucene search
K

23 matches found

NVD
NVD
added 2026/06/15 12:16 a.m.13 views

CVE-2026-12197

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS0.02385EPSS
Exploits0References5
CVE
CVE
added 2026/06/14 11:45 p.m.25 views

CVE-2026-12197

The CVE-2026-12197 affects Ruijie EG105G-P (firmware 2.340). The issue resides in the nslookup function of /cgi-bin/luci/api/diagnose (JSON-RPC Diagnose Endpoint), where manipulating the params.target argument leads to command injection. It enables remote initiation of an attack, with an exploit ...

8.6CVSS7AI score0.02385EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.5 views

CVE-2025-56099

OS Command Injection vulnerability in Ruijie RG-YST AP3.01B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

8.8CVSS7.9AI score0.01451EPSS
Exploits0References1
NVD
NVD
added 2025/12/11 7:15 p.m.8 views

CVE-2025-56096

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restartmodules in file /usr/lib/lua/luci/controller/admin/common.lua...

8.8CVSS0.01725EPSS
Exploits0References3
NVD
NVD
added 2025/12/11 6:16 p.m.5 views

CVE-2025-56087

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...

8.8CVSS0.02198EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50672

Name of the Vulnerable Software and Affected Versions Ruijie RG-YST AP versions 3.01B11P280YST250F Description An OS Command Injection issue exists in Ruijie RG-YST AP. An attacker can execute arbitrary commands by sending a specially crafted POST request to the /usr/lib/lua/luci/modules/common.l...

8.8CVSS7.6AI score0.01451EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.2 views

CVE-2025-56127

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the getwanobj in file /usr/lib/lua/luci/controller/admin/common.lua...

7.5AI score0.02742EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.7 views

PT-2025-50675

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to th...

8.8CVSS7.1AI score0.02486EPSS
Exploits1References5
CVE
CVE
added 2025/12/11 12:0 a.m.12 views

CVE-2025-56088

CVE-2025-56088 affects Ruijie RG-BCR RG-BCR860. The vulnerability is an OS command injection caused by unvalidated input in the action_service endpoint at /usr/lib/lua/luci/controller/admin/service.lua, exploitable via a crafted POST request. Impact as described: arbitrary command execution with ...

8.8CVSS7.5AI score0.03121EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.10 views

CVE-2025-56077

CVE-2025-56077 describes an OS Command Injection in Ruijie RG-RAP2200(E) 247 2200. A crafted POST request to the module_set in /usr/local/lua/dev_sta/nbr_cwmp.lua can allow arbitrary commands execution. CVSSv3.1 base score 8.8 (Network, Privileges Required: Low, User Interaction: None, Scope: Unc...

8.8CVSS7.5AI score0.02482EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30387

Malicious code in bioql PyPI...

5.8CVSS5AI score0.04085EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-27591

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.02772EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/30 6:20 p.m.4 views

CVE-2025-9424

A vulnerability was identified in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itboxpi/branchimport.php?a=branchlist. Such manipulation of the argument province leads to os command injection. The attack can be executed remotely. The exploit i...

9.8CVSS5.1AI score0.1826EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/25 10:32 p.m.11 views

CVE-2025-9424 Ruijie WS7204-A branch_import.php os command injection

A vulnerability was identified in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itboxpi/branchimport.php?a=branchlist. Such manipulation of the argument province leads to os command injection. The attack can be executed remotely. The exploit i...

5.8CVSS0.1826EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/08/12 12:0 a.m.10 views

The vulnerability of the strongSwan microprogramming software firewall solution developed by Ruijie RG-EG306MG-P allows a intruder to disclose protected information.

The vulnerability of the strongSwan microprogramming software firewall solution from Ruijie RG-EG306MG-P lies in the lack of encryption for confidential data during the processing of the parameter “idontcareaboutsecurityanduseaggressivemodepsk”. Exploiting this vulnerability can allow a remote...

3.7CVSS5.5AI score0.00137EPSS
Exploits0References5
NVD
NVD
added 2025/08/09 6:15 p.m.7 views

CVE-2025-8763

A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...

6.3CVSS0.00137EPSS
Exploits0References4
CVE
CVE
added 2025/08/09 6:2 p.m.24 views

CVE-2025-8763

CVE-2025-8763 concerns Ruijie EG306MG 3.0(1)B11P309 where the strongSwan component processes the /etc/strongswan.conf file. The root cause is manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk, leading to missing encryption of sensitive data. The vulnerability can...

6.3CVSS6.9AI score0.00137EPSS
Exploits0References4
NVD
NVD
added 2025/02/11 8:15 p.m.27 views

CVE-2025-25527

Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.34b12 due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary...

5.1CVSS0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.7 views

PT-2024-20280 · Ruijie · Ruijie Rg-Nbs2009G-P Rgos

Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBS2009G-P RGOS version 10.41P2 Release 9736 Description: The issue allows a remote attacker to gain privileges via the login check state component. This is due to an Insecure Permissions vulnerability. A remote attacker can exploit...

9.8CVSS7.5AI score0.00639EPSS
Exploits1References7
OSV
OSV
added 2024/06/23 12:15 p.m.3 views

CVE-2024-6269

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function getip.addrdetails of the file /view/vpn/autovpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection. T...

7.2CVSS5.7AI score0.20644EPSS
Exploits1References4
Rows per page
Query Builder