Soumettre #658695: Ruijie NBR2100G-E series Router NBR2100G-E series Router Remote Code Executioninformation

TitreRuijie NBR2100G-E series Router NBR2100G-E series Router Remote Code Execution
DescriptionDuring the security review of " Ruijie NBR2100G-E series Router",I discovered a critical Remote Code Execution vulnerability in the "/itbox_pi/branch_passw.php " file. In the 'list' method, the 'city' parameter is controllable and directly embedded into `` for command execution, resulting in a remote command execution .
La source⚠️ https://github.com/DavCloudz/cve/issues/2
Utilisateur
 Yun Zhang (UID 90491)
Soumission19/09/2025 05:36 (il y a 7 mois)
Modérer28/09/2025 22:39 (10 days later)
StatutAccepté
Entrée VulDB326218 [Ruijie NBR2100G-E jusqu’à 20250919 branch_passw.php?a=list listAction city élévation de privilèges]
Points19

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!