QwikSec

Security Database

CVE

CWE

Training

CVE-2023-7330

Published: Nov 24, 2025

Modified: Nov 25, 2025

PUBLISHED

Description

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of file type, path, or extension. A remote attacker can upload a crafted PHP file and then access it from the web root, resulting in arbitrary code execution in the context of the web service. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-14 UTC.

Vendor	Product	Versions
Beijing Star-Net Ruijie Network Technology Co., Ltd.	NBR Series Routers	affected `0`

Weaknesses (CWE)

References

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/ruijie/ruijie-nbr-fileupload.yaml

exploit

https://cn-sec.com/archives/1995366.html

exploit

https://www.cnblogs.com/Domren/articles/19093295

exploit

https://rfk0z.github.io/posts/Ruijie-NBR-router-fileupload-php-arbitrary-file-upload-vulnerability/

exploit

https://www.vulncheck.com/advisories/ruijie-networks-nbr-routers-unauthenticated-arbitrary-file-upload-via-fileuploadphp

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.