CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32394
https://notcve.org/view.php?id=CVE-2024-32394
22 Apr 2024 — An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request. Un problema en ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 y RG-RSR10-01G-T(WA)-S RSR_3.0( 1) B9P2_RSR10-01G-TW-S_07150910 permite a un atacante remoto ejecutar código arbitrario a través de una solicitud HTTP manipulada. • https://gist.github.com/Swind1er/7aad5c28e5bdc91d73fa7489b7250c94 •
CVSS: 10.0EPSS: 0%CPEs: 130EXPL: 0CVE-2023-34644
https://notcve.org/view.php?id=CVE-2023-34644
31 Jul 2023 — Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth. • https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389 • CWE-94: Improper Control of Generation of Code ('Code Injection') •