Описание
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-56079
- https://1drv.ms/f/c/12406a392c92914b/EjGDN1e4xfZOhROI3hzjKr0Bb9TVCN03MAR_VK56P8V3Ug?e=NmUXvt
- https://1drv.ms/t/c/12406a392c92914b/EZdYNxRd8ilMrCRXLnltUKEBiBXJzrTc9i7Y643cuho9PA?e=7Bifxw
- https://github.com/flegoity/Ruijie-Multiple-Devices-Vulnerability-Reports-for-CVE/blob/main/CVE-2025-56079.md
Связанные уязвимости
CVSS3: 8.8
nvd
около 2 месяцев назад
OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.