Lucene search
+L

36 matches found

redhatcve
redhatcve
added 2025/12/12 1:6 a.m.9 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS7.9AI score0.02769EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/12 1:6 a.m.5 views

CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

8.8CVSS7.9AI score0.02769EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/12 1:6 a.m.7 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

8.8CVSS7.9AI score0.03241EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/12 1:6 a.m.7 views

CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

8.8CVSS7.9AI score0.02769EPSS
Exploits1References1
euvd
euvd
added 2025/12/11 9:31 p.m.6 views

EUVD-2025-202726

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

7.3AI score0.02769EPSS
Exploits1References4
osv
osv
added 2025/12/11 7:15 p.m.6 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

8.8CVSS6AI score0.02398EPSS
Exploits1References3
osv
osv
added 2025/12/11 7:15 p.m.5 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS6.1AI score0.02769EPSS
Exploits1References3
nvd
nvd
added 2025/12/11 7:15 p.m.6 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

8.8CVSS0.02769EPSS
Exploits1References3
nvd
nvd
added 2025/12/11 7:15 p.m.18 views

CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionwireless in file /usr/lib/lua/luci/control/admin/wireless.lua...

8.8CVSS0.02769EPSS
Exploits1References3
nvd
nvd
added 2025/12/11 6:16 p.m.7 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

8.8CVSS0.03241EPSS
Exploits1References3
cnnvd
cnnvd
added 2025/12/11 12:0 a.m.6 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for actiondiagnosis in the file /usr/lib/lua/luci/controller/admin/diagnosis.lua, whi...

8.8CVSS6.9AI score0.02398EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/12/11 12:0 a.m.4 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

7.5AI score0.02398EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/12/11 12:0 a.m.6 views

PT-2025-50690

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR860 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the action diagnosis endpoin...

8.8CVSS7AI score0.02398EPSS
Exploits1References6
vulnrichment
vulnrichment
added 2025/12/11 12:0 a.m.5 views

CVE-2025-56110

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondealupdate in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua...

7.5AI score0.02769EPSS
Exploits1References3
euvd
euvd
added 2025/12/11 12:0 a.m.7 views

EUVD-2025-202743

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

7.3AI score0.03241EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2025/12/11 12:0 a.m.5 views

CVE-2025-56111

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the networksetwanconf in file /usr/lib/lua/luci/controller/admin/netport.lua...

7.5AI score0.02769EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/12/11 12:0 a.m.5 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

7.5AI score0.03241EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/12/11 12:0 a.m.6 views

PT-2025-50678

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR860 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the action wireless endpoint...

8.8CVSS7.2AI score0.02769EPSS
Exploits1References5
cve
cve
added 2025/12/11 12:0 a.m.15 views

CVE-2025-56110

CVE-2025-56110 describes an OS command injection affecting Ruijie RG-BCR RG-BCR860. The vulnerability arises from handling of a crafted POST request to the function at /usr/lib/lua/luci/controller/api/rcmsAPI.lua (action_deal_update), allowing an attacker to execute arbitrary commands. Reported C...

8.8CVSS7.5AI score0.02769EPSS
Exploits1References3Affected Software1
cve
cve
added 2025/12/11 12:0 a.m.23 views

CVE-2025-56109

CVE-2025-56109: OS Command Injection in Ruijie RG-BCR RG-BCR860. A crafted POST to /usr/lib/lua/luci/control/admin/wireless.lua (action_wireless) can execute arbitrary OS commands. CVSSv3.1: 8.8 (HIGH) with network attack vector, low attack complexity, low privileges required, no user interaction...

8.8CVSS7.5AI score0.02769EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder