CVE-2025-56098

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

CVE-2025-56099

OS Command Injection vulnerability in Ruijie RG-YST AP3.01B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

PT-2025-50689

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR600W affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be triggered by sending a specially crafted POST request to the get wanobj function within the...

CVE-2025-56090

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

PT-2025-50682

Name of the Vulnerable Software and Affected Versions Ruijie M18 EW 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...

CVE-2025-56130

The CVE-2025-56130 affects Ruijie RG-S1930 series switches (S1930SWITCH_3.0(1)B11P230). AOS vulnerability: OS Command Injection via a crafted POST to the module_update endpoint in /usr/local/lua/dev_config/ace_sw.lua. Impact is arbitrary command execution with high severity (CVSS 3.1: AV:N/AC:L/P...

PT-2025-50662

Name of the Vulnerable Software and Affected Versions Ruijie X30 PRO V1 X30-PRO-V1 09241521 Description An issue exists in Ruijie X30 PRO V1 X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module get function within t...

PT-2025-50653

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set...

EUVD-2025-202744

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

PT-2025-50675

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to th...

EUVD-2025-202743

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

PT-2025-50650

Name of the Vulnerable Software and Affected Versions Ruijie RG-RAP2200E version 247 2200 Description An issue exists in Ruijie RG-RAP2200E 247 2200 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set in the /usr/local/lua/dev...

Ruijie RG-YST 安全漏洞

Ruijie RG-YST is a series of wireless bridges from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-YST YSTAP3.01B11P280YST250F V1.xxV2.xx version, which originates from mishandling of a specially crafted POST request for pwdmodify in the file...

PT-2025-50659

Name of the Vulnerable Software and Affected Versions Ruijie M18 EW versions 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...

PT-2025-50674

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX versions B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the...

CVE-2025-56127

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the getwanobj in file /usr/lib/lua/luci/controller/admin/common.lua...

CVE-2025-56087

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR600W version, which originates from unvalidated input to the restartmodules function in the file /usr/lib/lua/luci/controller/admin/common.lua, which could lead to an OS...

CVE-2025-56091

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...