Filtered by vendor Ruijie
Subscriptions
Total
109 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-56120 | 1 Ruijie | 5 Rg-ew1200, Rg-ew1200 Firmware, Rg-x60 Pro and 2 more | 2025-12-23 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56118 | 1 Ruijie | 5 Rg-ew3200gx, Rg-ew3200gx Firmware, Rg-x60 Pro and 2 more | 2025-12-23 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56122 | 1 Ruijie | 6 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew1800gx Pro and 3 more | 2025-12-23 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-68459 | 1 Ruijie | 3 Ap180, Ap180-ac, Ap180-pe | 2025-12-21 | 7.2 High |
| RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service. | ||||
| CVE-2023-53881 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2025-12-18 | 8.1 High |
| ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by exploiting the unprotected HTTP polling requests. | ||||
| CVE-2025-56124 | 1 Ruijie | 5 Rg-ew1200, Rg-ew1200 Firmware, Rg-x60 Pro and 2 more | 2025-12-18 | 7.8 High |
| OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56127 | 1 Ruijie | 2 Rg-bcr600w, Rg-bcr600w Firmware | 2025-12-18 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the get_wanobj in file /usr/lib/lua/luci/controller/admin/common.lua. | ||||
| CVE-2025-56130 | 2 Ruijie, Ruijienetworks | 4 Rg-nbs5100-24gt4sfp, Rg-s1930, Rg-s1930 Firmware and 1 more | 2025-12-15 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua. | ||||
| CVE-2025-56129 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2025-12-15 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_diagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua. | ||||
| CVE-2024-42936 | 1 Ruijie | 2 Reyee Os, Rg-ew300n | 2025-12-15 | 9.8 Critical |
| The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is vulnerable to Remote Code Execution via a modified MQTT broker message. | ||||
| CVE-2025-56123 | 1 Ruijie | 1 Rg-ew1200g Pro | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56117 | 1 Ruijie | 1 X30-pro | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56114 | 1 Ruijie | 1 M18 Ew | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56113 | 1 Ruijie | 2 Rg-yst Est, Ystap | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | ||||
| CVE-2025-56111 | 1 Ruijie | 1 Rg-bcr860 | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the network_set_wan_conf in file /usr/lib/lua/luci/controller/admin/netport.lua. | ||||
| CVE-2025-56110 | 1 Ruijie | 1 Rg-bcr860 | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua. | ||||
| CVE-2025-56109 | 1 Ruijie | 1 Rg-bcr860 | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua. | ||||
| CVE-2025-56108 | 1 Ruijie | 1 X30-pro | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | ||||
| CVE-2025-56107 | 1 Ruijie | 1 Rg-bcr600w | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submit_wifi in file /usr/lib/lua/luci/controller/admin/common_quick_config.lua. | ||||
| CVE-2025-56106 | 1 Ruijie | 1 Rg-ew1800gx | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||