FKIE_CVE-2023-48849
Vulnerability from fkie_nvd - Published: 2023-12-06 08:15 - Updated: 2024-11-21 08:32
Severity ?
Summary
Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/delsploit/CVE-2023-48849 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/delsploit/CVE-2023-48849 | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg1000c_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D428A3-FC96-4EB5-A04F-31A71D2E12F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg1000c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392B0C18-CD2A-45F3-95DF-1E064B84AC24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg1000e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "299A82E0-325D-4228-A591-DA6A1B4EA74F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg1000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA58CE8C-9CEF-4990-B4F1-925B7B2F6CE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105g_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3300C5-4CF4-4001-AE7B-910FD472337C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBFC706-AC97-4541-B2B5-1804A4A1DEFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105g_v2_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "90D0404E-653F-4EF1-A00B-81F291CF29F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105g_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4EBC91-4AB4-4103-93F8-A4ADF708A5F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "018D197F-FD45-49FC-B449-3C0D6086445A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD536DA0-81D3-4D4A-A118-547B5A4F1EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "01ECF45E-0D62-4020-9AC0-E11D0DC02D43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7611947-CA1E-48C5-A79E-584EA174D4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-pe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "4F61792C-9A8D-4BB0-ABEC-E378B4A09EA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56E58BB1-41AA-4299-A872-0D8538C22D97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105gw\\(t\\)_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF42017-3BE4-41D3-B440-002324926274",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105gw\\(t\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8489805-7913-441A-A234-FF81727145F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg105gw-x_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "01C66016-1A85-4A4A-A64E-227F34D2059C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg105gw-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC91E9-48B8-44B7-B3D1-8307AF28D2C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg2000ce_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C68405-AEAC-4F8F-AD9E-AF4B5244C199",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg2000ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE2EBF3-6B54-4820-9B81-78C536C27EBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg209gs_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "30D1E3AE-D86C-461F-8EF6-26802DE1F810",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg209gs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A19353AD-583C-45ED-B7E9-5A698957A58F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg2100-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "198D50AD-070A-4CF6-9508-BE21BA2C4012",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg2100-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C143C34F-E3B0-4758-B5B2-940487C0DF9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "CC0ACC94-C949-43DA-98B8-5AF1BC48D2A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0523E44D-02BD-4383-9E06-9D9072C3279B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "6826B7F7-9F5C-4501-92DF-733829BB4E41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637BFC7A-BDAD-4FE3-A783-847B2790A289",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-pe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "8841AAE5-890A-473F-B009-2C63003703AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C131E10E-92FE-4934-9FD3-44023A74A07F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg3000eu_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "246C77FD-B976-4063-A024-EC1B1CDE6425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg3000eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2091E90B-592D-4140-A601-6211824F294D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg3000xe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "993832B4-72BE-4545-97F0-52F18DE81183",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg3000xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13B97B62-B757-48B5-9FE8-31CD941E17BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg305gh-p-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "44BD1A69-B1CB-46CA-86EF-4FF3F0456EAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg305gh-p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F06A951-22E0-489C-86F8-F10659A58F84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg310gh-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "261F64C4-8075-49EA-8D03-D332273199ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg310gh-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5689D7-078B-4009-A7CC-78E82012DECA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg3230_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "5E278531-11DB-451E-92C9-1581A7472EB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg3230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC572D3-B08D-4F28-A5A1-B8B86A9816D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-eg3250_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "9D162D1D-B4CB-4657-A3DA-4EE262197104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-eg3250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7473057D-92EF-49BC-9721-A69CA90DEF04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering."
},
{
"lang": "es",
"value": "Ruijie EG Series Routers versi\u00f3n EG_3.0(1)B11P216 y anteriores permiten a atacantes no autenticados ejecutar de forma remota c\u00f3digo arbitrario debido a un filtrado incorrecto."
}
],
"id": "CVE-2023-48849",
"lastModified": "2024-11-21T08:32:33.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-06T08:15:07.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/delsploit/CVE-2023-48849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/delsploit/CVE-2023-48849"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…