CVE-2025-56091

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121

Description An issue exists in Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set within the file /usr/local/lua/dev config/config retain.lua.

Recommendations Apply updates to address the issue in the config retain.lua file.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2025-56091

Affected Products

Rg-Ew1800Gx

CVE-2025-56091

Weakness Enumeration

Related Identifiers

Affected Products

References · 6