Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

CVE-2025-68459 (GCVE-0-2025-68459)

Vulnerability from nvd

Published

2025-12-18 05:51

Modified

2025-12-18 15:33

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')

Summary

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.

References

URL

Tags

	https://www.ruijie.com.cn/gy/xw-aqtg-gw/930282/
	https://jvn.jp/en/vu/JVNVU94068946/

Impacted products

Vendor

Product

Version

Ruijie Networks Co., Ltd.

AP180-PE V3.xx

Version: AP_RGOS 11.9(4)B1P8 and earlier

Ruijie Networks Co., Ltd.	AP180(JA) V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180(JP) V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-PE V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180(JA) V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-PE V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V3.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-68459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T15:28:34.206269Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T15:33:43.033Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AP180-PE V3.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JA) V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JP) V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-PE V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JA) V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-PE V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V3.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T05:51:07.988Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.ruijie.com.cn/gy/xw-aqtg-gw/930282/"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU94068946/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-68459",
    "datePublished": "2025-12-18T05:51:07.988Z",
    "dateReserved": "2025-12-17T23:37:17.886Z",
    "dateUpdated": "2025-12-18T15:33:43.033Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-68459 (GCVE-0-2025-68459)

Vulnerability from cvelistv5

Published

2025-12-18 05:51

Modified

2025-12-18 15:33

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')

Summary

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.

References

URL

Tags

	https://www.ruijie.com.cn/gy/xw-aqtg-gw/930282/
	https://jvn.jp/en/vu/JVNVU94068946/

Impacted products

Vendor

Product

Version

Ruijie Networks Co., Ltd.

AP180-PE V3.xx

Version: AP_RGOS 11.9(4)B1P8 and earlier

Ruijie Networks Co., Ltd.	AP180(JA) V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180(JP) V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-PE V1.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180(JA) V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-PE V2.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd.	AP180-AC V3.xx	Version: AP_RGOS 11.9(4)B1P8 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-68459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T15:28:34.206269Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T15:33:43.033Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AP180-PE V3.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JA) V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JP) V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-PE V1.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180(JA) V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-PE V2.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        },
        {
          "product": "AP180-AC V3.xx",
          "vendor": "Ruijie Networks Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AP_RGOS 11.9(4)B1P8 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T05:51:07.988Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.ruijie.com.cn/gy/xw-aqtg-gw/930282/"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU94068946/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-68459",
    "datePublished": "2025-12-18T05:51:07.988Z",
    "dateReserved": "2025-12-17T23:37:17.886Z",
    "dateUpdated": "2025-12-18T15:33:43.033Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Refine your search

2 vulnerabilities found for AP180-AC V2.xx by Ruijie Networks Co., Ltd.

CVE-2025-68459 (GCVE-0-2025-68459)

Vulnerability from nvd

CVE-2025-68459 (GCVE-0-2025-68459)

Vulnerability from cvelistv5