Description

A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related CPE's

o

ruijienetworks

rg-ew1200g_firmware

07161417_r483

Vulnerable

h

ruijienetworks

rg-ew1200g

-

References

https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G-logic

ExploitThird Party Advisory

https://vuldb.com/?ctiid.237518

Permissions Required

https://vuldb.com/?id.237518

Permissions Required

https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G-logic

ExploitThird Party Advisory

https://vuldb.com/?ctiid.237518

Permissions Required

https://vuldb.com/?id.237518

Permissions Required

Weaknesses

[email protected]

Secondary
CWE-287

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-18T14:15:11.163Z

2 years ago

Last modified

2024-11-21T07:35:06.050Z

1 year ago