Latest CVE Feed
-
6.3
MEDIUMCVE-2024-39954
CWE-918 Server-Side Request Forgery (SSRF) in eventmesh-runtime module in WebhookUtil.java on windows\linux\mac os e.g. allows the attacker can abuse functionality on the server to read or update internal resources. Users are recommended to upgrade to ver... Read more
Affected Products : eventmesh- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-24322
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trig... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.5
HIGHCVE-2025-24496
An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this v... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-27129
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4507
A vulnerability was found in Ruijie RG-UAC up to 20240428 and classified as critical. This issue affects some unknown processing of the file /view/IPV6/ipv6StaticRoute/static_route_add_ipv6.php. The manipulation of the argument text_prefixlen/text_gateway... Read more
- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
8.6
HIGHCVE-2025-30256
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerabilit... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vu... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-32010
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
6.5
MEDIUMCVE-2025-55499
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4255
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os comma... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: Apr. 27, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4508
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been classified as critical. Affected is an unknown function of the file /view/IPV6/ipv6StaticRoute/static_route_edit_ipv6.php. The manipulation of the argument oldipmask/oldgateway/olddevn... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4509
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr lea... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4813
A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240506. Affected is an unknown function of the file /view/networkConfig/physicalInterface/interface_commit.php. The manipulation of the argument name leads to os command inject... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4814
A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240506. Affected by this vulnerability is an unknown functionality of the file /view/networkConfig/RouteConfig/StaticRoute/static_route_edit_commit.php. The manipulation of the argu... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4815
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240506. Affected by this issue is some unknown functionality of the file /view/bugSolve/viewData/detail.php. The manipulation of the argument filename leads to os c... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4816
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506. This affects an unknown part of the file /view/networkConfig/GRE/gre_add_commit.php. The manipulation of the argument name/remote/local/IP leads to os command in... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4506
A vulnerability has been found in Ruijie RG-UAC up to 20240428 and classified as critical. This vulnerability affects unknown code of the file /view/IPV6/ipv6Addr/ip_addr_edit_commit.php. The manipulation of the argument text_ip_addr/orgprelen/orgname lea... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4505
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injectio... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4504
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240428. Affected by this issue is some unknown functionality of the file /view/HAconfig/baseConfig/commit.php. The manipulation of the argument peer_ip/local_ip lea... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4503
A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. The manipulation of the argument interface_from leads to ... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025