Rg-ew300 Pro CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-56098	1 Ruijie	5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more	2026-01-27	8.8 High
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.
CVE-2025-56093	1 Ruijie	7 Rg-eap602, Rg-eap602 Firmware, Rg-ew300 Pro and 4 more	2026-01-27	8.8 High
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua.
CVE-2025-56094	1 Ruijie	5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more	2026-01-27	8.8 High
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay.lua.
CVE-2025-56108	1 Ruijie	11 Rg-eap602, Rg-eap602 Firmware, Rg-est310 and 8 more	2026-01-26	8.8 High
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.
CVE-2025-56085	1 Ruijie	4 Rg-ew1200, Rg-ew1200 Firmware, Rg-ew300 Pro and 1 more	2025-12-26	8.8 High
OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.
CVE-2023-38902	1 Ruijie	197 Nbc Series Wireless Controllers, Rg-eap101, Rg-eap101 Firmware and 194 more	2024-11-21	8.8 High
A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.

Page 1 of 1.