8.8

CVSS3.1

CVE-2025-56098 -

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 27, 2026, 5:58 p.m.

8.2

CVSS3.1

CVE-2025-14523 - Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-va…

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the b…

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2025-65473 -

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 15, 2025, 7:28 p.m.

8.8

CVSS3.1

CVE-2025-65471 -

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 18, 2025, 9:15 p.m.

8.8

CVSS3.1

CVE-2025-56101 -

OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 27, 2026, 6:10 p.m.

8.8

CVSS3.1

CVE-2025-56097 -

OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 27, 2026, 5:26 p.m.

8.8

CVSS3.1

CVE-2025-56095 -

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 27, 2026, 5:44 p.m.

8.8

CVSS3.1

CVE-2025-56085 -

OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Dec. 26, 2025, 3:39 p.m.

8.8

CVSS3.1

CVE-2025-56114 -

OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 7, 2026, 8:31 p.m.

8.8

CVSS3.1

CVE-2025-56123 -

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

πŸ“… Published: Dec. 11, 2025, midnight πŸ”„ Last Modified: Jan. 27, 2026, 5:35 p.m.
Total resulsts: 349182
Page 2670 of 34,919
Β« previous page Β» next page
Filters