Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR600W version, which stems from improper handling of a specially crafted POST request for getwanobj in the file /usr/lib/lua/luci/controller/admin/common.lua, which could...

PT-2025-50655

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1200 versions EW 3.01B11P227 EW1200 11130208RG-EW1200 V1.00 Description An OS Command Injection issue exists in Ruijie RG-EW1200. Successful exploitation allows attackers to execute arbitrary commands. This is achieved by sending a...

CVE-2025-56079

OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

PT-2025-50685

Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An OS Command Injection issue exists in Ruijie X60 PRO. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set function within the...

CVE-2025-56120

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

Ruijie RG-EW1800GX 安全漏洞

Ruijie RG-EW1800GX is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1800GX that originates from unverified input to the moduleset function in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to an OS command injection attack...

Ruijie X60 PRO 安全漏洞

Ruijie X60 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in Ruijie X60 PRO X6010212014RG-X60 PRO version V1.00V2.00, which originates from improper handling of a specially crafted POST request for moduleset in the file...

EUVD-2025-202751

OS Command Injection vulnerability in Ruijie RG-RAP2200E 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

Ruijie X30 PRO 安全漏洞

Ruijie X30 PRO is a home wireless router from China's Ruijie Ruijie. A security vulnerability exists in the Ruijie X30 PRO that stems from improper handling of a specially crafted POST request for pwdmodify in the file /usr/lib/lua/luci/modules/common.lua, which could result in the execution of...

PT-2025-50673

Name of the Vulnerable Software and Affected Versions Ruijie M18 EW versions 3.01B11P226 M18 10223116 Description An issue exists in Ruijie M18 EW that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the module get...

PT-2025-50688

Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An issue exists in Ruijie X60 PRO that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw present in the module get function within the...

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

CVE-2025-56122

OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

CVE-2025-56102

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

PT-2025-50652

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR600W that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the chec...

PT-2025-50683

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set paramet...

CVE-2025-56117

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

PT-2025-50677

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the pwdmodify...

PT-2025-50672

Name of the Vulnerable Software and Affected Versions Ruijie RG-YST AP versions 3.01B11P280YST250F Description An OS Command Injection issue exists in Ruijie RG-YST AP. An attacker can execute arbitrary commands by sending a specially crafted POST request to the /usr/lib/lua/luci/modules/common.l...

CVE-2025-56088

CVE-2025-56088 affects Ruijie RG-BCR RG-BCR860. The vulnerability is an OS command injection caused by unvalidated input in the action_service endpoint at /usr/lib/lua/luci/controller/admin/service.lua, exploitable via a crafted POST request. Impact as described: arbitrary command execution with ...