Nbr Series Routers
Approved changes feed: RSS · Atom
cpe:2.3:a:beijing_star-net_ruijie_network_technology_co.,_ltd.:nbr_series_routers:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Beijing Star Net Ruijie Network Technology Co., Ltd. (f566b4d8-29a5-5f41-b245-32d83e2385c8) |
|---|---|
| Product | Nbr Series Routers (467c0b02-caea-522a-9416-8b17cb042b1a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7330 |
vulnerable | 2026-06-03 14:54:00.454795 |
Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of file type, path, or extension. A remote attacker can upload a crafted PHP file and then access it from the web root, resulting in arbitrary code execution in the context of the web service. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-14 UTC.
Published: 2025-11-24T20:31:19.914Z
Updated: 2025-11-25T13:04:06.622Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.