33 matches found
CVE-2023-7330
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of...
EUVD-2025-198992
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of...
CVE-2023-7330
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of...
PT-2025-47958
Name of the Vulnerable Software and Affected Versions Ruijie NBR series routers affected versions not specified Description Ruijie NBR series routers contain an unauthenticated arbitrary file upload issue via the /ddi/server/fileupload.php endpoint. The endpoint accepts attacker-controlled values...
VulnCheck KEV: CVE-2023-7330
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of...
EUVD-2023-52879
Malicious code in bioql PyPI...
EUVD-2023-34731
Malicious code in bioql PyPI...
CVE-2025-34057
An information disclosure vulnerability exists in Ruijie NBR series routers known to affect NBR2000G, NBR1300G, and NBR1000 models via the /WEBVMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker ca...
VulnCheck KEV: CVE-2025-34057
An information disclosure vulnerability exists in Ruijie NBR series routers known to affect NBR2000G, NBR1300G, and NBR1000 models via the /WEBVMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker ca...
CVE-2023-48849
Ruijie EG Series Routers version EG3.01B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering...
CVE-2023-30308
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service...
VulnCheck KEV: CVE-2021-43163
A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the checkNet function in /cgi-bin/luci/api/auth...
CVE-2023-30308
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service...
CVE-2023-30308
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service...
CVE-2023-30308
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service...
PT-2024-12228 · Ruijie · Ruijie Eg105G +3
Name of the Vulnerable Software and Affected Versions: Ruijie EG210G-P affected versions not specified Ruijie EG105G-V2 affected versions not specified Ruijie NBR affected versions not specified Ruijie EG105G affected versions not specified Description: An issue in the mentioned Ruijie routers...
The vulnerability of the vpnAction function (/itbox_pi/vpn_quickset_service.php?a=set_vpn) in the microprogramming software for Ruijie’s RG-EG series routers allows a hacker to execute arbitrary commands.
The vulnerability of the vpnAction function /itboxpi/vpnquicksetservice.php?a=setvpn of the Ruijie RG-EG series router microprogramming software is related to the failure to eliminate special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to...
CVE-2023-48849
Ruijie EG Series Routers version EG3.01B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering...
CVE-2023-48849
Ruijie EG Series Routers version EG3.01B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering...
Exploit for CVE-2023-48849
CVE-2023-48849 Ruijie EG Series Routers firmware =EG3.01B...