Description
A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-06-14
Score: 8.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability exists in the nslookup function within the JSON‑RPC Diagnose Endpoint of the Ruijie EG105G‑P routers, firmware 2.340. By manipulating the params.target argument, an attacker can inject arbitrary shell commands, enabling execution of any command on the device. This represents a classic command injection vulnerability (CWE‑74, CWE‑77) that allows complete compromise of confidentiality, integrity, and availability on the targeted device.

Affected Systems

Ruijie EG105G‑P routers running firmware version 2.340 are affected. No other versions or vendors are listed, and the flaw is specific to the JSON‑RPC Diagnose Endpoint within this hardware edition.

Risk and Exploitability

The CVSS base score is 8.6, indicating high severity. EPSS is not available and the vulnerability is not listed in the CISA KEV catalog, but a public exploit has been released and the vendor has not provided a response. The exploit can be launched remotely, and it is inferred that no authentication is required to reach the vulnerable endpoint. These factors combine to produce a substantial risk of remote compromise for impacted devices.

Generated by OpenCVE AI on June 15, 2026 at 01:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install any firmware update that fixes the nslookup command injection flaw.
  • Restrict access to the /cgi-bin/luci/api/diagnose endpoint by firewall rules, allowing only trusted IP addresses.
  • Implement input validation or block requests containing shell metacharacters, such as backticks or semicolons, on the target parameter.

Generated by OpenCVE AI on June 15, 2026 at 01:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection
First Time appeared Ruijie
Ruijie eg105g-p
Weaknesses CWE-74
CWE-77
CPEs cpe:2.3:a:ruijie:eg105g-p:*:*:*:*:*:*:*:*
Vendors & Products Ruijie
Ruijie eg105g-p
References
Metrics cvssV2_0

{'score': 8.3, 'vector': 'AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Ruijie Eg105g-p
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-14T23:45:07.805Z

Reserved: 2026-06-14T07:02:24.165Z

Link: CVE-2026-12197

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-15T00:16:43.603

Modified: 2026-06-15T00:16:43.603

Link: CVE-2026-12197

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-15T01:30:21Z

Weaknesses
  • CWE-74

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')