54838 matches found
Ruijie X60 PRO 安全漏洞
Ruijie X60 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in Ruijie X60 PRO X6010212014RG-X60 PRO version V1.00V2.00, which originates from improper handling of a specially crafted POST request for moduleset in the file...
EUVD-2025-202746
OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...
PT-2025-50682
Name of the Vulnerable Software and Affected Versions Ruijie M18 EW 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...
CVE-2025-56092
OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991125)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991125 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991132)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991132 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...
Ruijie X30 PRO 安全漏洞
Ruijie X30 PRO is a home wireless router from Ruijie China. A security vulnerability exists in the Ruijie X30 PRO X30-PRO-V109241521 version, which stems from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to the...
hfly 安全漏洞
hfly is a travel website by baowzh individual developer. A security vulnerability exists in hfly, which originates from a flaw in the file /admin/index.php/advtext/add of the component advtext Module, which could lead to a cross-site scripting attack...
PT-2025-50684
Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An OS Command Injection issue exists in Ruijie X60 PRO. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set function within the...
FreePBX 操作系统命令注入漏洞
FreePBX formerly known as Asterisk Management Portal is a suite of tools for configuring Asterisk an IP telephony system via a GUI web-based graphical interface from the FreePBX project. An operating system command injection vulnerability exists in FreePBX version 16, which stems from remote code...
EUVD-2025-202742
OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56120
OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...
PT-2025-50683
Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set paramet...
PT-2025-50681
Name of the Vulnerable Software and Affected Versions Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F versions V1.xxV2.xx Description An OS Command Injection issue exists in Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F. Successful exploitation allows attackers to execute arbitrary commands. This is...
Important Photon OS Security Update - PHSA-2025-5.0-0710
Updates of 'Linux-PAM', 'httpd' packages of Photon OS have been released...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991122)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991122 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic...
CVE-2025-67513
CVE-2025-67513 affects FreePBX Endpoint Manager (module for managing telephony endpoints in FreePBX). Versions prior to 16.0.96 and 17.0.1 through 17.0.9 use a weak default 6‑digit app_password, which can be brute-forced. Depending on local configuration, this password could grant access to the e...
CVE-2025-65950
WBCE CMS is a content management system. In versions 1.6.4 and below, the user management module allows a low-privileged authenticated user with permissions to modify users to execute arbitrary SQL queries. This can be escalated to a full database compromise, data exfiltration, effectively...
CVE-2025-42880
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
Huawei HarmonyOS Competitive Conditions Vulnerability
Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from a competitive condition vulnerability, which originates from a competitive condition vulnerability in the audio module, and can be exploited by an attacker to affect...