TROYANOSYVIRUS
Voltar para CVEs

CVE-2023-34644

CRITICAL
9.8

Descricao

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.

Detalhes CVE

Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado7/31/2023
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

ruijie:re-eg1000mruijie:re-eg1000m_firmwareruijie:rg-eg1000cruijie:rg-eg1000c_firmwareruijie:rg-eg1000eruijie:rg-eg1000e_firmwareruijie:rg-eg105gruijie:rg-eg105g-eruijie:rg-eg105g-e_firmwareruijie:rg-eg105g-pruijie:rg-eg105g-p_firmwareruijie:rg-eg105g_firmwareruijie:rg-eg105gw-xruijie:rg-eg105gw-x_firmwareruijie:rg-eg105gw\(t\)ruijie:rg-eg105gw\(t\)_firmwareruijie:rg-eg2000ceruijie:rg-eg2000ce_firmwareruijie:rg-eg209gsruijie:rg-eg209gs_firmwareruijie:rg-eg2100-pruijie:rg-eg2100-p_firmwareruijie:rg-eg210g-pruijie:rg-eg210g-p_firmwareruijie:rg-eg3000euruijie:rg-eg3000eu_firmwareruijie:rg-eg3000xeruijie:rg-eg3000xe_firmwareruijie:rg-eg305gh-p-eruijie:rg-eg305gh-p-e_firmwareruijie:rg-eg310gh-eruijie:rg-eg310gh-e_firmwareruijie:rg-eg3230ruijie:rg-eg3230_firmwareruijie:rg-eg3250ruijie:rg-eg3250_firmwareruijie:rg-ew1200ruijie:rg-ew1200_firmwareruijie:rg-ew1200gruijie:rg-ew1200g_firmwareruijie:rg-ew1200rruijie:rg-ew1200r_firmwareruijie:rg-ew1800gxruijie:rg-ew1800gx_firmwareruijie:rg-ew300ruijie:rg-ew300_firmwareruijie:rg-ew300rruijie:rg-ew300r_firmwareruijie:rg-ew3200gxruijie:rg-ew3200gx_firmwareruijie:rg-nbc256ruijie:rg-nbc256_firmwareruijie:rg-nbc512ruijie:rg-nbc512_firmwareruijie:rg-nbs3100-24gt4sfpruijie:rg-nbs3100-24gt4sfp-pruijie:rg-nbs3100-24gt4sfp-p_firmwareruijie:rg-nbs3100-24gt4sfp_firmwareruijie:rg-nbs3100-48gt4sfp-pruijie:rg-nbs3100-48gt4sfp-p_firmwareruijie:rg-nbs3100-8gt2sfpruijie:rg-nbs3100-8gt2sfp-pruijie:rg-nbs3100-8gt2sfp-p_firmwareruijie:rg-nbs3100-8gt2sfp_firmwareruijie:rg-nbs3200-24gt4xsruijie:rg-nbs3200-24gt4xs-pruijie:rg-nbs3200-24gt4xs-p_firmwareruijie:rg-nbs3200-24gt4xs_firmwareruijie:rg-nbs3200-24sfpruijie:rg-nbs3200-24sfp_firmwareruijie:rg-nbs3200-48gt4xsruijie:rg-nbs3200-48gt4xs-pruijie:rg-nbs3200-48gt4xs-p_firmwareruijie:rg-nbs3200-48gt4xs_firmwareruijie:rg-nbs3200-8gt4xsruijie:rg-nbs3200-8gt4xs_firmwareruijie:rg-rap1200\(f\)ruijie:rg-rap1200\(f\)_firmwareruijie:rg-rap1200\(p\)ruijie:rg-rap1200\(p\)_firmwareruijie:rg-rap1201ruijie:rg-rap1201_firmwareruijie:rg-rap1260ruijie:rg-rap1260_firmwareruijie:rg-rap1261ruijie:rg-rap1261_firmwareruijie:rg-rap2200\(e\)ruijie:rg-rap2200\(e\)_firmwareruijie:rg-rap2200\(f\)ruijie:rg-rap2200\(f\)_firmwareruijie:rg-rap2260ruijie:rg-rap2260\(e\)ruijie:rg-rap2260\(e\)_firmwareruijie:rg-rap2260\(f\)ruijie:rg-rap2260\(f\)_firmwareruijie:rg-rap2260\(g\)ruijie:rg-rap2260\(g\)_firmwareruijie:rg-rap2260_firmwareruijie:rg-rap2266ruijie:rg-rap2266_firmwareruijie:rg-rap6202\(g\)ruijie:rg-rap6202\(g\)_firmwareruijie:rg-rap6260\(g\)ruijie:rg-rap6260\(g\)_firmwareruijie:rg-rap6260\(h\)ruijie:rg-rap6260\(h\)-druijie:rg-rap6260\(h\)-d_firmwareruijie:rg-rap6260\(h\)_firmwareruijie:rg-rap6262ruijie:rg-rap6262\(g\)ruijie:rg-rap6262\(g\)_firmwareruijie:rg-rap6262_firmwareruijie:rg-rap73hdruijie:rg-rap73hd_firmwareruijie:rg-s1930-24gt4sfpruijie:rg-s1930-24gt4sfp-pruijie:rg-s1930-24gt4sfp-p_firmwareruijie:rg-s1930-24gt4sfp_firmwareruijie:rg-s1930-24t4sfpruijie:rg-s1930-24t4sfp-pruijie:rg-s1930-24t4sfp-p_firmwareruijie:rg-s1930-24t4sfp_firmwareruijie:rg-s1930-8gt2sfpruijie:rg-s1930-8gt2sfp-pruijie:rg-s1930-8gt2sfp-p_firmwareruijie:rg-s1930-8gt2sfp_firmwareruijie:rg-s1930-8t2sfpruijie:rg-s1930-8t2sfp-pruijie:rg-s1930-8t2sfp-p_firmwareruijie:rg-s1930-8t2sfp_firmware

Fraquezas (CWE)

CWE-94

Referencias

https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/(cve@mitre.org)
https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001(cve@mitre.org)
https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/(af854a3a-2127-422b-91ae-364da2661108)
https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.