CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2025/12/12 1:6 a.m.•4 views

CVE-2025-56087

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the runtcpdump in file /usr/lib/lua/luci/controller/admin/commontcpdump.lua...

8.8CVSS7.9AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/12/12 1:6 a.m.•2 views

CVE-2025-56082

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the checkchanges in file /usr/lib/lua/luci/controller/admin/common.lua...

8.8CVSS7.9AI score0.00259EPSS

Exploits0References1

RedhatCVE•added 2025/12/12 1:6 a.m.•2 views

CVE-2025-56127

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the getwanobj in file /usr/lib/lua/luci/controller/admin/common.lua...

8.8CVSS7.9AI score0.0171EPSS

Exploits1References1

RedhatCVE•added 2025/12/12 1:6 a.m.•4 views

CVE-2025-56107

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submitwifi in file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua...

8.8CVSS7.9AI score0.00065EPSS

Exploits0References1

RedhatCVE•added 2025/12/12 1:6 a.m.•1 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

8.8CVSS7.9AI score0.01437EPSS

Exploits1References1

OSV•added 2025/12/11 7:15 p.m.•0 views

CVE-2025-56127

8.8CVSS6.1AI score0.0171EPSS

Exploits1References3

NVD•added 2025/12/11 6:16 p.m.•2 views

CVE-2025-56082

8.8CVSS0.00259EPSS

Exploits0References3

Cvelist•added 2025/12/11 12:0 a.m.•25 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

0.0171EPSS

Exploits1References3

Vulnrichment•added 2025/12/11 12:0 a.m.•1 views

CVE-2025-56129

7.5AI score0.01437EPSS

Exploits1References3

Cvelist•added 2025/12/11 12:0 a.m.•19 views

CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

0.01091EPSS

Exploits1References3

CVE•added 2025/12/11 12:0 a.m.•4 views

CVE-2025-56127

The CVE-2025-56127 entry concerns Ruijie RG-BCR RG-BCR600W. The vulnerability is an OS Command Injection in the get_wanobj handler inside /usr/lib/lua/luci/controller/admin/common.lua, triggered by a crafted POST request. The root cause is improper handling of crafted input, enabling execution of...

8.8CVSS7.5AI score0.0171EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/12/11 12:0 a.m.•1 views

CVE-2025-56082

7.5AI score0.00259EPSS

Exploits0References3

Vulnrichment•added 2025/12/11 12:0 a.m.•2 views

CVE-2025-56087

7.5AI score0.00084EPSS

Exploits0References3

CNNVD•added 2025/12/11 12:0 a.m.•4 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR600W version, which originates from unvalidated input to the restartmodules function in the file /usr/lib/lua/luci/controller/admin/common.lua, which could lead to an OS...

8.8CVSS7.2AI score0.00201EPSS

Exploits0References3

CVE•added 2025/12/11 12:0 a.m.•10 views

CVE-2025-56107

CVE-2025-56107 affects Ruijie RG-BCR RG-BCR600W. A OS Command Injection exists in the submit_wifi function accessed via a crafted POST to /usr/lib/lua/luci/controller/admin/common_quick_config.lua. CVSSv3.1 base score 8.8 (HIGH) with network exposure, low attack complexity, and no user interactio...

8.8CVSS7.5AI score0.00065EPSS

Exploits0References3Affected Software1

CVE•added 2025/12/11 12:0 a.m.•12 views

CVE-2025-56087

CVE-2025-56087 affects Ruijie RG-BCR RG-BCR600W. The OS Command Injection exists in the run_tcpdump handling path: /usr/lib/lua/luci/controller/admin/common_tcpdump.lua, due to unvalidated input in the POST to run_tcpdump. This yields arbitrary command execution with high impact (per CVSS: Networ...

8.8CVSS7.5AI score0.00084EPSS

Exploits0References3Affected Software1

CVE•added 2025/12/11 12:0 a.m.•9 views

CVE-2025-56109

CVE-2025-56109: OS Command Injection in Ruijie RG-BCR RG-BCR860. A crafted POST to /usr/lib/lua/luci/control/admin/wireless.lua (action_wireless) can execute arbitrary OS commands. CVSSv3.1: 8.8 (HIGH) with network attack vector, low attack complexity, low privileges required, no user interaction...

8.8CVSS7.5AI score0.01091EPSS

Exploits1References3Affected Software1

CNVD•added 2021/02/05 12:0 a.m.•2 views

Information Disclosure Vulnerability in Ruijie RG-BCR Series Routers

Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products, storage, and so on. An information disclosure vulnerability exists in Ruijie RG-BCR...

6.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by