Filtered by vendor Ruijie
                         Subscriptions
                    
                    
                
                    Total
                    63 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2024-4510 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/networkConfig/ArpTable/arp_add_commit.php. The manipulation of the argument text_ip_addr/text_mac_addr leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263114 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-5336 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability has been found in Ruijie RG-UAC up to 20240516 and classified as critical. This vulnerability affects the function addVlan of the file /view/networkConfig/vlan/vlan_add_commit.php. The manipulation of the argument phyport leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266242 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-5337 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical. This issue affects some unknown processing of the file /view/systemConfig/sys_user/user_commit.php. The manipulation of the argument email2/user_name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266243. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-5340 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266246 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-5339 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/vpn/autovpn/online_check.php. The manipulation of the argument peernode leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-5338 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium | 
| A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been classified as critical. Affected is an unknown function of the file /view/vpn/autovpn/online.php. The manipulation of the argument peernode leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266244. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2641 | 1 Ruijie | 2 Rg-nbs2009g-p, Rg-nbs2009g-p Firmware | 2025-08-21 | 5.3 Medium | 
| A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2642 | 1 Ruijie | 2 Rg-nbs2009g-p, Rg-nbs2009g-p Firmware | 2025-08-21 | 7.3 High | 
| A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6184 | 1 Ruijie | 2 Rg-uac, Rg-uac Firmware | 2025-08-21 | 6.3 Medium | 
| A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/reboot/reboot_commit.php. The manipulation of the argument servicename leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269155. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6186 | 1 Ruijie | 2 Rg-uac, Rg-uac Firmware | 2025-08-21 | 6.3 Medium | 
| A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects an unknown part of the file /view/userAuthentication/SSO/commit.php. The manipulation of the argument ad_log_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269157 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6187 | 1 Ruijie | 2 Rg-uac, Rg-uac Firmware | 2025-08-21 | 6.3 Medium | 
| A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269158 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6269 | 1 Ruijie | 2 Rg-uac, Rg-uac Firmware | 2025-08-21 | 4.7 Medium | 
| A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269482 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-25527 | 1 Ruijie | 2 Rg-nbr2600s, Rg-nbr2600s Firmware | 2025-08-13 | 5.1 Medium | 
| Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | ||||
| CVE-2023-30308 | 1 Ruijie | 14 Rg-eg105g, Rg-eg105g Firmware, Rg-eg105g V2 and 11 more | 2025-08-13 | 6.5 Medium | 
| An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service. | ||||
| CVE-2025-8763 | 2 Ruijie, Strongswan | 3 Eg306mg, Rg-eg, Strongswan | 2025-08-12 | 3.7 Low | 
| A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk leads to missing encryption of sensitive data. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2019-16640 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 7.5 High | 
| An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled (%00 and /var/./html are not checked), which can allow an attacker to upload any file to the gateway. This affects EG-2000SE EG_RGOS 11.9 B11P1. | ||||
| CVE-2019-16639 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 9.8 Critical | 
| An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET commands and/or show admin passwords via the mode_url=exec&command= substring. This affects EG-2000SE EG_RGOS 11.9 B11P1. | ||||
| CVE-2019-16641 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 8.4 High | 
| An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1. | ||||
| CVE-2024-28288 | 1 Ruijie | 2 Rg-nbr700gw, Rg-nbr700gw Firmware | 2025-06-30 | 9.8 Critical | 
| Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can use this vulnerability to log in to the device and disrupt the business of the enterprise. | ||||
| CVE-2024-42936 | 1 Ruijie | 2 Reyee Os, Rg-ew300n | 2025-06-18 | 9.8 Critical | 
| The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is vulnerable to Remote Code Execution via a modified MQTT broker message. | ||||