VulDB Recent Entries

A vulnerability was found in Google Android. It has been declared as critical. This impacts the function WAVES_send_data_to_dsp of the file libaoc_waves.c. The manipulation results in out-of-bounds write. This vulnerability was named CVE-2025-36925. The attack needs to be approached locally. There is no available exploit. Applying a patch is advised to resolve this issue.

A vulnerability was found in Google Android. It has been classified as problematic. This affects the function aoc_service_read_message of the file aoc_ipc_core.c. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-36918. Local access is required to approach this attack. No exploit exists. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android and classified as problematic. The impacted element is the function gxp_main_actor of the file gxp_main_actor.cc. Executing manipulation can lead to race condition. This vulnerability is handled as CVE-2025-36916. It is possible to launch the attack on the local host. There is not any exploit available. It is best practice to apply a patch to resolve this issue.

A vulnerability has been found in Ruijie RG-EW1800GX and classified as critical. The affected element is the function module_set of the file /usr/local/lua/dev_config/config_retain.lua of the component POST Handler. Performing manipulation results in os command injection. This vulnerability is known as CVE-2025-56091. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability, which was classified as critical, was found in Ruijie RG-EW1200G PRO 1.00/2.00/3.00/4.00. Impacted is the function module_set of the file /usr/local/lua/dev_config/config_retain.lua of the component POST Handler. Such manipulation leads to os command injection. This vulnerability is traded as CVE-2025-56090. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Ruijie M18 3.0. This issue affects the function module_set of the file /usr/local/lua/dev_sta/nbr_cwmp.lua of the component POST Handler. This manipulation causes os command injection. This vulnerability appears as CVE-2025-56089. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in Ruijie RG-EW1200 1.00/3.0. This vulnerability affects the function module_get of the file /usr/local/lua/dev_sta/networkConnect.lua of the component POST Handler. The manipulation results in os command injection. This vulnerability is reported as CVE-2025-56086. The attack can be launched remotely. No exploit exists.

A vulnerability classified as critical has been found in Ruijie RG-EW1200 1.00/3.0. This affects the function module_set of the file /usr/local/lua/dev_config/config_retain.lua of the component POST Handler. The manipulation leads to os command injection. This vulnerability is documented as CVE-2025-56085. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as critical has been identified in Ruijie RG-EW1800GX PRO. Affected by this issue is the function module_set of the file /usr/local/lua/dev_sta/nbr_cwmp.lua of the component POST Handler. Executing manipulation can lead to os command injection. This vulnerability is registered as CVE-2025-56084. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as critical has been reported in Ruijie X30-PRO. Affected by this vulnerability is the function module_set of the file /usr/local/lua/dev_sta/nbr_networkId_merge.lua of the component POST Handler. Performing manipulation results in os command injection. This vulnerability is cataloged as CVE-2025-56083. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in Ruijie X60 PRO 1.00/2.00. Affected is the function module_set of the file /usr/local/lua/dev_config/config_retain.lua of the component POST Handler. Such manipulation leads to os command injection. This vulnerability is listed as CVE-2025-56120. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as critical has been detected in Ruijie X60 PRO 1.00/2.00. This impacts the function module_set of the file /usr/local/lua/dev_sta/nbr_cwmp.lua of the component POST Handler. This manipulation causes os command injection. This vulnerability is tracked as CVE-2025-56118. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability categorized as critical has been discovered in Ruijie X30-PRO. This affects the function module_set of the file /usr/local/lua/dev_sta/nbr_cwmp.lua of the component POST Handler. The manipulation results in os command injection. This vulnerability is identified as CVE-2025-56117. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Ruijie M18 3.0. It has been rated as critical. The impacted element is the function module_set of the file /usr/local/lua/dev_config/config_retain.lua of the component POST Handler. The manipulation leads to os command injection. This vulnerability is referenced as CVE-2025-56114. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Ruijie RG-S1930 3.0. It has been declared as critical. The affected element is the function module_update of the file /usr/local/lua/dev_config/ace_sw.lua of the component POST Handler. Executing manipulation can lead to os command injection. The identification of this vulnerability is CVE-2025-56130. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Ruijie X60 PRO 1.00/2.00. It has been classified as critical. Impacted is the function module_get of the file /usr/local/lua/dev_sta/networkConnect.lua of the component POST Handler. Performing manipulation results in os command injection. This vulnerability was named CVE-2025-56124. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Ruijie RG-EW1200G PRO 1.00/2.00/3.00/4.00 and classified as critical. This issue affects the function module_get of the file /usr/local/lua/dev_sta/networkConnect.lua of the component POST Handler. Such manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2025-56123. The attack can be launched remotely. No exploit exists.

A vulnerability has been found in Ruijie RG-EW1800GX PRO and classified as critical. This vulnerability affects the function module_get of the file /usr/local/lua/dev_sta/networkConnect.lua of the component POST Handler. This manipulation causes os command injection. This vulnerability is handled as CVE-2025-56122. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Ruijie RG-BCR RG-BCR860. This affects the function action_deal_update in the library /usr/lib/lua/luci/controller/api/rcmsAPI.lua of the component POST Handler. The manipulation results in os command injection. This vulnerability is known as CVE-2025-56110. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in Ruijie RG-EW1800GX. Affected by this issue is the function module_set of the file /usr/local/lua/dev_sta/nbr_cwmp.lua of the component POST Handler. The manipulation leads to os command injection. This vulnerability is traded as CVE-2025-56106. It is possible to initiate the attack remotely. There is no exploit available.