CVE-2025-9424 | Ruijie WS7204-A 2017.06.15 branch_import.php?a=branch_list province os command injection

Inserito da Angelo Barbosa | Ago 25, 2025 | CVE

A vulnerability categorized as critical has been discovered in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itbox_pi/branch_import.php?a=branch_list. Such manipulation of the argument province leads to os command injection.

This vulnerability is documented as CVE-2025-9424. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9424 | Ruijie WS7204-A 2017.06.15 branch_import.php?a=branch_list province os command injection

Post correlati

CVE-2024-47896 | Imagination Technologies Graphics DDK up to 24.3 RTM out-of-range pointer offset

CVE-2024-47726 | Linux Kernel up to 6.11.1 Privilege Escalation (e3db757ff9b7/96cfeb038953)

CVE-2024-11336 | dactum Clickbank Plugin up to 1.7 on WordPress Setting cross-site request forgery

CVE-2024-54148 | Gogs up to 0.13.0 symlink (ID 7582)