CNNVD-202512-2140 Information

CNNVD ID

CNNVD-202512-2140

Related CVE

CVE-2025-56094

• CNNVD Published: 2025-12-11

Description (Chinese)

Ruijie X30 PRO是中国锐捷（Ruijie）公司的一款家用无线路由器。 Ruijie X30 PRO X30-PRO-V1_09241521版本存在安全漏洞，该漏洞源于文件/usr/local/lua/dev_sta/host_access_delay.lua中的module_get函数未验证输入，可能导致OS命令注入攻击。

Description (English)

Ruijie X30 PRO is a home-free router for Ruijie. The Ruijie X30 PRO X30-PRO-V1 09241521 version contains a security loophole that originates from the Module get function in the document/usr/local/lua/dev sta/host access delay.lua, which does not verify the input and may lead to an OS command injection into the attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

锐捷

Published

2025-12-11

Last Modified

2026-02-24

References

https://1drv.ms/f/c/12406a392c92914b/EtGIxwWujwxBvQhL9wgnUIwBkg-mndJJX07Igr6d0cic-g?e=4KJbWY https://1drv.ms/t/c/12406a392c92914b/EX8LVTGd3L9OrXvTuHDFITQBnWL-5C-CINxUmowR7vCVig?e=Quevaq https://github.com/flegoity/Ruijie-Multiple-Devices-Vulnerability-Reports-for-CVE/blob/main/CVE-2025-56094.md