22 matches found
EUVD-2025-202733
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56124
OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56102
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56086
OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56079
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56079
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56122
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56102
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56124
CVE-2025-56124 affects Ruijie X60 PRO routers (V1.00–V2.00). The vulnerability is an OS Command Injection in the module_get function invoked via a crafted POST to /usr/local/lua/dev_sta/networkConnect.lua, allowing an attacker to execute arbitrary commands with local privileges. Multiple sources ...
PT-2025-50688
Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An issue exists in Ruijie X60 PRO that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw present in the module get function within the...
PT-2025-50673
Name of the Vulnerable Software and Affected Versions Ruijie M18 EW versions 3.01B11P226 M18 10223116 Description An issue exists in Ruijie M18 EW that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the module get...
CVE-2025-56098
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
CVE-2025-56092
OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
Ruijie RG-EW1800GX 安全漏洞
Ruijie RG-EW1800GX is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1800GX that originates from unverified input to the moduleget function in the file /usr/local/lua/devsta/networkConnect.lua, which could lead to an OS command injection attack...
Ruijie X30 PRO 安全漏洞
Ruijie X30 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie X30 PRO V1 X30-PRO-V109241521 version, which originates from an unvalidated input to the moduleget function in the file /usr/local/lua/devsta/networkConnect.lua, which could lead to an...
CVE-2025-56079
Ruijie RG-EW1300G/EW1300G (V1.00, V2.00, V4.00) are affected. The vulnerability is an OS Command Injection in the /usr/local/lua/dev_sta/networkConnect.lua module_get function, exploitable via a crafted POST request to run arbitrary commands (remote, network-based). Root cause is unsafe handling ...
PT-2025-50686
Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX PRO B11P226 EW1800GX-PRO 10223117 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module get function within the...
PT-2025-50674
Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX versions B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw triggered by a crafted POST request to the...
CVE-2025-56122
CVE-2025-56122 affects Ruijie RG-EW1800GX PRO (B11P226_EW1800GX-PRO_10223117). The vulnerability is an OS Command Injection in the Lua module at /usr/local/lua/dev_sta/networkConnect.lua, exploitable via a crafted POST request to the module_get endpoint. CVSSv3.1 base score 8.8 (HIGH) with networ...
CVE-2025-56092
CVE-2025-56092 affects Ruijie X30 PRO V1 (X30-PRO-V1_09241521). The vulnerability is an OS Command Injection in the module_get function located at /usr/local/lua/dev_sta/networkConnect.lua, triggered by a crafted POST request. The CVE details indicate an attacker can execute arbitrary commands wi...