CVE-2025-68459 | THREATINT

Description

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.

PUBLISHED Reserved 2025-12-17 | Published 2025-12-18 | Updated 2025-12-18 | Assigner jpcert

HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

HIGH: 8.6CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Improper neutralization of special elements used in an OS command ('OS Command Injection')

Product status

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

AP_RGOS 11.9(4)B1P8 and earlier

affected

References

www.ruijie.com.cn/gy/xw-aqtg-gw/930282/

jvn.jp/en/vu/JVNVU94068946/

cve.org (CVE-2025-68459)

nvd.nist.gov (CVE-2025-68459)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu