CVE-2026-1742 EFM ipTIME A8004T VPN Service timepro.cgi commit_vpncli_file_upload unrestricted upload

A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commitvpnclifileupload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit i...

PT-2024-4394 · Ruijie · Ruijie Rg-Uac

Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: A critical issue has been found in the function get ip addr details of the file /view/dhcp/dhcpConfig/commit.php. The manipulation of the argument ethname leads to os command injection. The attack may be...

PT-2024-4354 · Ruijie · Ruijie Rg-Uac

Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: A critical vulnerability exists in Ruijie RG-UAC 1.0 due to the lack of sanitization of special elements used in an operating system command. This allows for remote execution of arbitrary commands throug...

Ruijie Networks RG-UAC 操作系统命令注入漏洞

Ruijie Networks RG-UAC is an Internet behavior management and auditing product from China's Ruijie Networks Ruijie Networks. It is used to solve Internet auditing problems. An operating system command injection vulnerability exists in Ruijie Networks RG-UAC 20240506 and earlier versions, which...

PT-2024-31426 · Ruijie · Ruijie Rg-Uac

Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC up to 20240428 Description: A critical issue has been found in Ruijie RG-UAC, affecting an unknown functionality of the file /view/IPV6/naborTable/add commit.php. The manipulation of the ip addr/mac addr argument leads to os...