15 matches found
CVE-2025-56089
OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56084
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56118
OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56117
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56117
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56106
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56077
OS Command Injection vulnerability in Ruijie RG-RAP2200E 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56077
OS Command Injection vulnerability in Ruijie RG-RAP2200E 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56084
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56084
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO (B11P226_EW1800GX-PRO_10223117) allows remote attackers to execute arbitrary commands via a crafted POST to /usr/local/lua/dev_sta/nbr_cwmp.lua (module_set). Root cause is unverified input reaching a command execution surface. Affected ...
PT-2025-50659
Name of the Vulnerable Software and Affected Versions Ruijie M18 EW versions 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...
CVE-2025-56117
Summary: CVE-2025-56117 is an OS Command Injection in Ruijie X30-PRO (X30-PRO-V1_09241521). The flaw allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set handler in the file /usr/local/lua/dev_sta/nbr_cwmp.lua. What is affected: Ruijie X30-PRO devic...
CVE-2025-56089
CVE-2025-56089 describes an OS Command Injection in Ruijie M18 EW firmware version 3.0(1)B11P226 M18 10223116. The flaw allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set handler in /usr/local/lua/dev_sta/nbr_cwmp.lua. Public sources (NVD/Red Hat/...
CVE-2025-56084
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56118
CVE-2025-56118 is an OS Command Injection vulnerability in Ruijie X60 PRO (X60_10212014RG-X60 PRO) versions V1.00–V2.00. The issue allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set function in /usr/local/lua/dev_sta/nbr_cwmp.lua. CVSS v3.1 metric...