CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

EUVD-2025-31433

Malicious code in bioql PyPI...

CVE-2025-11073

A vulnerability was detected in Keyfactor RG-EW5100BE EW3.0B11P280EW5100BE-PRO12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Request Handler. The manipulation of the argument url results in command injection. The attack can be...

CVE-2025-11073

A vulnerability was detected in Keyfactor RG-EW5100BE EW3.0B11P280EW5100BE-PRO12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Request Handler. The manipulation of the argument url results in command injection. The attack can be...

CVE-2025-11073

CVE-2025-11073 affects Keyfactor RG-EW5100BE EW_3.0B11P280_EW5100BE-PRO_12183019: the HTTP POST Request Handler in /cgi-bin/luci/api/cmd has an argument url that can be manipulated to trigger command injection. The vulnerability is remote and the exploit is public. Connected records consistently ...

CVE-2025-11073 Keyfactor RG-EW5100BE HTTP POST Request cmd command injection

A vulnerability was detected in Keyfactor RG-EW5100BE EW3.0B11P280EW5100BE-PRO12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Request Handler. The manipulation of the argument url results in command injection. The attack can be...

CVE-2023-38902

A command injection vulnerability in RG-EW series home routers and repeaters v.EW3.01B11P219, RG-NBS and RG-S1930 series switches v.SWITCH3.01B11P219, RG-EG series business VPN routers v.EG3.01B11P219, EAP and RAP series wireless access points v.AP3.01B11P219, and NBC series wireless controllers...

CVE-2023-34644

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW3.01B11P204, RG-NBS and RG-S1930 series switches SWITCH3.01B11P218, RG-EG series business VPN routers EG3.01B11P216, EAP and RAP series wireless access points AP3.01B11P218, NBC series wirele...

CVE-2021-43164

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the updateVersion function in /cgi-bin/luci/api/wireless...

CVE-2021-43159

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the setSessionTime function in /cgi-bin/luci/api/common...

CVE-2021-43159

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the setSessionTime function in /cgi-bin/luci/api/common...

锐捷网络 RG-EW Series Routers 命令注入漏洞

Ruijie RG-EW Series Routers is a router from Ruijie Networks Ruijie, China. A command injection vulnerability exists in Ruijie RG-EW Series Routers, which originates from the setSessionTime function in /cgi-bin/luci/api/common. The following products and versions are affected: ReyeeOS 1.55.1915 /...

锐捷网络 RG-EW Series Routers 命令注入漏洞

The Ruijie RG-EW Series Routers is a router from China's Ruijie Networks Ruijie. A command injection vulnerability exists in Ruijie RG-EW Series Routers, which originates from the doSwitchApi function in /cgi-bin/luci/api/switch. The following products and versions are affected: ReyeeOS 1.55.1915...