Lucene search
K

54836 matches found

CVE
CVE
added 2025/12/11 12:0 a.m.16 views

CVE-2025-56117

Summary: CVE-2025-56117 is an OS Command Injection in Ruijie X30-PRO (X30-PRO-V1_09241521). The flaw allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set handler in the file /usr/local/lua/dev_sta/nbr_cwmp.lua. What is affected: Ruijie X30-PRO devic...

8.8CVSS7.5AI score0.02666EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.26 views

CVE-2025-56120

The CVE-2025-56120 issue affects the Ruijie X60 PRO family (X60_10212014RG-X60 PRO) with firmware versions V1.00 and V2.00. The root cause is an OS Command Injection via a crafted POST request to the module_set in /usr/local/lua/dev_config/config_retain.lua, enabling arbitrary command execution w...

8.8CVSS7.5AI score0.02308EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.17 views

CVE-2025-56092

CVE-2025-56092 affects Ruijie X30 PRO V1 (X30-PRO-V1_09241521). The vulnerability is an OS Command Injection in the module_get function located at /usr/local/lua/dev_sta/networkConnect.lua, triggered by a crafted POST request. The CVE details indicate an attacker can execute arbitrary commands wi...

8.8CVSS7.4AI score0.02627EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.19 views

CVE-2025-56097

Summary: CVE-2025-56097 is an OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO (B11P226_EW1800GX-PRO_10223117). An attacker can inject and execute arbitrary commands by issuing a crafted POST request to the module_set function in the file /usr/local/lua/dev_config/config_retain.lua. A...

8.8CVSS7.5AI score0.02244EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.14 views

CVE-2025-56090

The CVE-2025-56090 issue affects Ruijie RG-EW1200G PRO devices (V1.00–V4.00). It is an OS command injection vulnerability where unvalidated input in the file /usr/local/lua/dev_config/config_retain.lua allows an attacker to execute arbitrary commands via a crafted POST to the module_set function....

8.8CVSS7.5AI score0.02627EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.19 views

CVE-2025-56085

CVE-2025-56085 affects Ruijie RG-EW1200 devices running EW 3.0(1)B11P227 EW1200 11130208RG-EW1200 V1.00. The flaw is an OS command injection in the module_set handler triggered by a crafted POST to /usr/local/lua/dev_config/config_retain.lua, stemming from unvalidated input. This can allow an att...

8.8CVSS7.5AI score0.02554EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.16 views

CVE-2025-56091

CVE-2025-56091 is an OS Command Injection affecting Ruijie RG-EW1800GX (B11P226_EW1800GX_10223121). An attacker can trigger arbitrary command execution via a crafted POST to /usr/local/lua/dev_config/config_retain.lua (module_set). The CVSS 3.1 base score is 8.8 (HIGH) with network attack vector,...

8.8CVSS7.5AI score0.02627EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.14 views

CVE-2025-56106

CVE-2025-56106 applies to Ruijie RG-EW1800GX (B11P226_EW1800GX_10223121). The vulnerability is an OS Command Injection that allows an attacker to execute arbitrary commands via a crafted POST request to the module_set handler in /usr/local/lua/dev_sta/nbr_cwmp.lua. Impact is high (arbitrary comma...

8.8CVSS7.5AI score0.02486EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.6 views

MaxKB 竞争条件问题漏洞

MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A competitive condition issue vulnerability exists in MaxKB 2.3.1 and earlier versions, which stems from a tool module that allows an attacker to escape the sandbox...

10CVSS6.7AI score0.00272EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/11 12:0 a.m.5 views

EUVD-2025-202740

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

7.3AI score0.02627EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.24 views

CVE-2025-56093

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua...

0.02755EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.7 views

PT-2025-50667

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX PRO versions B11P226 EW1800GX-PRO 10223117 Description An issue exists in Ruijie RG-EW1800GX PRO that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set within t...

8.8CVSS7.2AI score0.02244EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.23 views

CVE-2025-56091

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

0.02627EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50654

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX PRO versions B11P226 EW1800GX-PRO 10223117 Description An issue exists in Ruijie RG-EW1800GX PRO that may allow attackers to execute arbitrary commands. This can occur through a specially crafted POST request sent to the...

8.8CVSS7AI score0.0185EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.25 views

CVE-2025-56090

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

0.02627EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50685

Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An OS Command Injection issue exists in Ruijie X60 PRO. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set function within the...

8.8CVSS7.6AI score0.02308EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50650

Name of the Vulnerable Software and Affected Versions Ruijie RG-RAP2200E version 247 2200 Description An issue exists in Ruijie RG-RAP2200E 247 2200 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set in the /usr/local/lua/dev...

8.8CVSS7.1AI score0.02482EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Ruijie X60 PRO 安全漏洞

Ruijie X60 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in Ruijie X60 PRO X6010212014RG-X60 PRO version V1.00V2.00, which originates from improper handling of a specially crafted POST request for moduleset in the file...

8.8CVSS7AI score0.02308EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/11 12:0 a.m.4 views

EUVD-2025-202746

OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

7.3AI score0.02554EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50682

Name of the Vulnerable Software and Affected Versions Ruijie M18 EW 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...

8.8CVSS7AI score0.02244EPSS
Exploits1References5
Rows per page
Query Builder