HIGHCVE-2026-23699Published Modified CNA jpcert
CVE-2026-23699: AP180 series with firmware versions prior to AP_RGOS 11
AP180 series with firmware versions prior to AP_RGOS 11.9(4)B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices.
Metrics
- CVSS v4.0
- 8.6
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 9
Affected packages
- Ruijie Networks Co., Ltd. / AP180(JA) V1.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180(JP) V1.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-AC V1.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-PE V1.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180(JA) V2.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-AC V2.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-PE V2.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-AC V3.xxprior to AP_RGOS 11.9(4)B1P8
- Ruijie Networks Co., Ltd. / AP180-PE V3.xxprior to AP_RGOS 11.9(4)B1P8
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences