Primary

Context

Ruijie Networks AP180 Series OS Command Injection Vulnerability

Vulnerability

An OS command injection vulnerability has been identified in the Ruijie Networks AP180 series access points, specifically in firmware versions prior to AP_RGOS 11.9(4)B1P8. This vulnerability allows logged-in users with administrative privileges to execute arbitrary OS commands on the affected devices.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of OS commands with administrative privileges on the affected access points.

Remediation

Users are advised to update the firmware to version AP_RGOS 11.9(4)B1P8 or later. If the update cannot be applied, it is recommended to restrict web access to trusted source IP addresses using ACL or whitelist configurations.

Added: Jan 22, 2026, 2:20 AM

Updated: Jan 22, 2026, 2:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ruijie Networks AP180 Series OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating