4 matches found
CVE-2025-65363
Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...
PT-2025-49570
Name of the Vulnerable Software and Affected Versions Ruijie APs versions 11.1.x Description An authenticated user with web access can inject shell commands on Ruijie APs. This allows execution of appended shell expressions as root through the command parameter in the ''web action.do'' endpoint...
CVE-2025-65363
Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...
CVE-2025-65363
CVE-2025-65363 affects Ruijie AP_RGOS 11.1.x. An authenticated web user can inject appended shell expressions via the command parameter to the web_action.do endpoint, executing as root and enabling file disclosure, device disruption, and potential network pivoting. Reports across multiple sources...