CVE-2025-56090

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

EUVD-2025-202746

OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

PT-2025-50601

A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate...

PT-2025-50682

Name of the Vulnerable Software and Affected Versions Ruijie M18 EW 3.01B11P226 M18 10223116 Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the module set component within the file...

CVE-2025-56118

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

CVE-2025-56083

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrnetworkIdmerge.lua...

PT-2025-50661

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to th...

CVE-2025-56120

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991194 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not allow SETID to refer to another table When doing lookups for sets on...

PT-2025-50667

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX PRO versions B11P226 EW1800GX-PRO 10223117 Description An issue exists in Ruijie RG-EW1800GX PRO that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set within t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991118)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991118 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c The missing...

CVE-2025-56117

Summary: CVE-2025-56117 is an OS Command Injection in Ruijie X30-PRO (X30-PRO-V1_09241521). The flaw allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set handler in the file /usr/local/lua/dev_sta/nbr_cwmp.lua. What is affected: Ruijie X30-PRO devic...

CVE-2025-56089

CVE-2025-56089 describes an OS Command Injection in Ruijie M18 EW firmware version 3.0(1)B11P226 M18 10223116. The flaw allows an attacker to execute arbitrary commands by sending a crafted POST request to the module_set handler in /usr/local/lua/dev_sta/nbr_cwmp.lua. Public sources (NVD/Red Hat/...

CVE-2025-56106

CVE-2025-56106 applies to Ruijie RG-EW1800GX (B11P226_EW1800GX_10223121). The vulnerability is an OS Command Injection that allows an attacker to execute arbitrary commands via a crafted POST request to the module_set handler in /usr/local/lua/dev_sta/nbr_cwmp.lua. Impact is high (arbitrary comma...

CVE-2025-56085

CVE-2025-56085 affects Ruijie RG-EW1200 devices running EW 3.0(1)B11P227 EW1200 11130208RG-EW1200 V1.00. The flaw is an OS command injection in the module_set handler triggered by a crafted POST to /usr/local/lua/dev_config/config_retain.lua, stemming from unvalidated input. This can allow an att...

CVE-2025-56091

CVE-2025-56091 is an OS Command Injection affecting Ruijie RG-EW1800GX (B11P226_EW1800GX_10223121). An attacker can trigger arbitrary command execution via a crafted POST to /usr/local/lua/dev_config/config_retain.lua (module_set). The CVSS 3.1 base score is 8.8 (HIGH) with network attack vector,...

CVE-2025-56083

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrnetworkIdmerge.lua...

Ruijie X60 PRO 安全漏洞

Ruijie X60 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in Ruijie X60 PRO X6010212014RG-X60 PRO version V1.00V2.00, which originates from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua,...

CVE-2025-56091

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

Ruijie X30 PRO 安全漏洞

Ruijie X30 PRO is a home wireless router from Ruijie China. A security vulnerability exists in the Ruijie X30 PRO X30-PRO-V109241521 version, which stems from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to the...