CVE-2025-68459_CVE-2025-68459

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.

Basic Information

ID CVE-2025-68459

Source jpcert

Published Dec 18, 2025 at 05:51

Affected Product

Vendor Ruijie Networks Co., Ltd.

Product AP180-PE V3.xx

Version AP_RGOS 11.9(4)B1P8 and earlier

Affected Versions Ruijie Networks Co., Ltd. AP180-PE V3.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180(JA) V1.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180(JP) V1.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180-AC V1.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180-PE V1.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180(JA) V2.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180-AC V2.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180-PE V2.xx AP_RGOS 11.9(4)B1P8 and earlier
Ruijie Networks Co., Ltd. AP180-AC V3.xx AP_RGOS 11.9(4)B1P8 and earlier

CWE Classification

CWE-78

References

{
    "lastseen": "",
    "description": "RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.",
    "published": "2025-12-18T05:51:07.988Z",
    "modified": "2025-12-18T05:51:07.988Z",
    "type": "cve",
    "title": "CVE-2025-68459",
    "source": "jpcert",
    "references": "https://www.ruijie.com.cn/gy/xw-aqtg-gw/930282/\nhttps://jvn.jp/en/vu/JVNVU94068946/",
    "id": "CVE-2025-68459",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Ruijie Networks Co., Ltd. AP180-PE V3.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180(JA) V1.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180(JP) V1.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180-AC V1.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180-PE V1.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180(JA) V2.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180-AC V2.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180-PE V2.xx AP_RGOS 11.9(4)B1P8 and earlier\nRuijie Networks Co., Ltd. AP180-AC V3.xx AP_RGOS 11.9(4)B1P8 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AP180-PE V3.xx",
    "version": "AP_RGOS 11.9(4)B1P8 and earlier",
    "vendor": "Ruijie Networks Co., Ltd.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}