Vulnerability Description
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ruijie | X30 Pro Firmware | - |
| Ruijie | X30 Pro | 1.0 |
| Ruijie | Rg-Ew300 Pro Firmware | 3.0\(1\)b11p219 |
| Ruijie | Rg-Ew300 Pro | - |
| Ruijie | Rg-Eap602 Firmware | 3.0\(1\)b2p55 |
| Ruijie | Rg-Eap602 | - |
Related Weaknesses (CWE)
References
- https://1drv.ms/f/c/12406a392c92914b/EtGIxwWujwxBvQhL9wgnUIwBkg-mndJJX07Igr6d0ciProductBroken Link
- https://1drv.ms/t/c/12406a392c92914b/Edoz9sBTjeJMqw8K0f3lWgMBNxBlpE9IIUwOX2h2S1cThird Party AdvisoryBroken Link
- https://github.com/flegoity/Ruijie-Multiple-Devices-Vulnerability-Reports-for-CVNot Applicable
- https://github.com/flegoity/Ruijie-Multiple-Devices-Vulnerability-Reports-for-CVExploitThird Party Advisory
FAQ
What is CVE-2025-56093?
CVE-2025-56093 is a vulnerability with a CVSS score of 8.8 (HIGH). OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wi...
How severe is CVE-2025-56093?
CVE-2025-56093 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-56093?
Check the references section above for vendor advisories and patch information. Affected products include: Ruijie X30 Pro Firmware, Ruijie X30 Pro, Ruijie Rg-Ew300 Pro Firmware, Ruijie Rg-Ew300 Pro, Ruijie Rg-Eap602 Firmware.