CNNVD-202509-3625 Information

CNNVD ID

CNNVD-202509-3625

Related CVE

CVE-2025-10774

• CNNVD Published: 2025-09-22

Description (Chinese)

Ruijie 6000-E10是中国锐捷（Ruijie）公司的一款上网行为管理与审计设备。 Ruijie 6000-E10 2.4.3.6-20171117及之前版本存在操作系统命令注入漏洞，该漏洞源于对文件/view/vpn/autovpn/sub_commit.php中参数key的错误操作，可能导致os命令注入攻击。

Description (English)

Ruijie 6000-E10 is an Internet-based conduct management and audit facility for Ruijie. Ruijie 6000-E10 2.4.3.6-2077117 and earlier versions had a loophole in the operating system commands, which resulted from the erroneous operation of the parameter key in the document/view/vpn/autovpn/sub committee.php, which could lead to an Os command injection attack.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Rust

Published

2025-09-22

Last Modified

2026-02-24

References

https://github.com/maximdevere/CVE2/issues/1 https://vuldb.com/?ctiid.325130 https://vuldb.com/?id.325130 https://vuldb.com/?submit.649968