Browse all 4 CVE security advisories affecting ruifang-tech. AI-powered Chinese analysis, POCs, and references for each vulnerability.
RuiFang-Tech develops enterprise software solutions with a focus on industrial control systems and IoT management platforms. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and authentication flaws. The company has recorded four CVEs to date, with notable issues including unauthenticated RCE in their device management interface and stored XSS vulnerabilities in administrative panels. While no major public security incidents have been documented, their historical vulnerability patterns suggest a need for strengthened security development practices, particularly in secure coding and access control mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12995 | ruifang-tech Rebuild Project Tasks Section tasks cross site scripting — RebuildCWE-79 | 3.5 | Low | 2024-12-28 |
| CVE-2024-12990 | ruifang-tech Rebuild Admin Verification Page admin-verify redirect — RebuildCWE-601 | 4.3 | Medium | 2024-12-27 |
| CVE-2024-12665 | ruifang-tech Rebuild Task Comment Attachment Upload cross site scripting — RebuildCWE-79 | 3.5 | Low | 2024-12-16 |
| CVE-2024-12664 | ruifang-tech Rebuild Project Task Comment cross site scripting — RebuildCWE-79 | 3.5 | Low | 2024-12-16 |
This page lists every published CVE security advisory associated with ruifang-tech. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.