CVE-2025-56083
- EPSS 0.41%
- Veröffentlicht 11.12.2025 18:16:20
- Zuletzt bearbeitet 11.02.2026 19:39:44
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_networkId_merge.lua.
CVE-2025-56084
- EPSS 0.13%
- Veröffentlicht 11.12.2025 18:16:20
- Zuletzt bearbeitet 11.02.2026 19:39:36
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.
CVE-2025-56099
- EPSS 0.32%
- Veröffentlicht 11.12.2025 00:00:00
- Zuletzt bearbeitet 11.02.2026 19:39:26
OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.
CVE-2025-56113
- EPSS 0.32%
- Veröffentlicht 11.12.2025 00:00:00
- Zuletzt bearbeitet 11.02.2026 19:38:58
OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.
CVE-2024-42936
- EPSS 3.4%
- Veröffentlicht 21.01.2025 20:15:30
- Zuletzt bearbeitet 15.12.2025 20:00:17
The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is vulnerable to Remote Code Execution via a modified MQTT broker message.