Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-jprp-jh3h-3w7v

Опубликовано: 31 июл. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows remote attackers to gain escalated privileges via crafted POST request to /cgi-bin/luci/api/auth.

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows remote attackers to gain escalated privileges via crafted POST request to /cgi-bin/luci/api/auth.

Ссылки

EPSS

Процентиль: 92%
0.08544
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2023-34644

Дефекты

CWE-94

Связанные уязвимости

nvd логотип

CVE-2023-34644

CVSS3: 9.8
nvd
больше 2 лет назад

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.

EPSS

Процентиль: 92%
0.08544
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2023-34644

Дефекты

CWE-94