CVE-2025-65363

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-65363

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65363.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-65363

Published

2025-12-08T17:16:20.747Z

Modified

2026-03-15T14:54:11.778915Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Authenticated append-style command-injection Ruijie APs (APRGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "11.1.0"
            },
            {
                "last_affected": "11.1\\(9\\)B1P21"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65363.json"