216.73.217.80

CVE-2025-56120

· Published 11/12/2025 19:15 · Modified 23/12/2025 15:51

Labels: CVE-2025-56120 2025-12-11CVE-2025-56120[email protected]

Essential information

Published
11/12/2025 19:15
Modified
23/12/2025 15:51
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ruijie / rg-x60 pro firmware cpe:2.3:o:ruijie:rg-x60_pro_firmware:1.021.2014:*:*:*:*:*:*:*
ruijie / rg-x60 pro cpe:2.3:h:ruijie:rg-x60_pro:1.0:*:*:*:*:*:*:*
ruijie / rg-x60 pro cpe:2.3:h:ruijie:rg-x60_pro:2.0:*:*:*:*:*:*:*
ruijie / rg-ew1200 firmware cpe:2.3:o:ruijie:rg-ew1200_firmware:3.0\(1\)b11p301:*:*:*:*:*:*:*
ruijie / rg-ew1200 cpe:2.3:h:ruijie:rg-ew1200:-:*:*:*:*:*:*:*

References