CVE-2023-4169 – Ruijie RG-EW1200G Administrator Password set_passwd access control

https://notcve.org/view.php?id=CVE-2023-4169

05 Aug 2023 — A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/set_passwd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can be launched remotely. • https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415 • CWE-284: Improper Access Control •