FKIE_CVE-2024-4816
Vulnerability from fkie_nvd - Published: 2024-05-14 15:45 - Updated: 2025-08-21 18:20
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506. This affects an unknown part of the file /view/networkConfig/GRE/gre_add_commit.php. The manipulation of the argument name/remote/local/IP leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263937 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf | Broken Link | |
| cna@vuldb.com | https://vuldb.com/?ctiid.263937 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.263937 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.329953 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.263937 | Permissions Required, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.263937 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?submit.329953 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-cc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C815169-8607-44BD-BCE0-A86C21814461",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98C38758-7CF5-4B4D-84E0-3E38BF02D4CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF8BDB4-1399-436C-B3EE-696B4940AE86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "338FB6AB-7A94-45FD-A826-9D7790FCAEE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF8BDB4-1399-436C-B3EE-696B4940AE86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e10:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F02D3B37-AB31-4772-9444-0EE7ECD848BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e10c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1361BC-E2B3-495F-B096-3494500F5F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE98BDE-35F2-47D0-90D2-68F83D9647BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E44D1C-E2C2-484F-9D1D-ACA5DAF9CCB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18693B43-EE77-489F-A03F-62F1D9B1C814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e20c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA9E1F3-A44F-4F77-B28E-3B32294EF80F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e20c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9AE852-45FD-4F54-9EB7-4355E070F9DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e20m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B99D0C6-F344-441A-B146-4DE18A5A4DF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e20m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D66C1C1B-71A9-4834-9409-A2586C506585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B051656-A369-40DA-94B2-C031778FFA70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD38DD2-020A-406A-A0E5-A952FED97CCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e50c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79FCE2-2C58-4C34-998C-2E3644DFAE45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e50c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "091BD1EF-BEE1-49FA-8CD3-5863793E1E66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-e50m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9AB6800-1860-4996-BE03-41FDB4934796",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-e50m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33900D0E-3439-406E-9F83-41ABBA8A4092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-ea_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7ABA9B3-08E4-461D-82E0-EF80FE9862B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-ea:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB193F-CA9B-4CA7-9F3B-654661373427",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-ei_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "934D5F8B-9968-4683-8C3E-1EFC5C241FC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-ei:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE135B87-13CF-4891-8196-CB867CAED5E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-isg02_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98EB5DA-FBAE-482B-A842-1A62ACB60E71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-isg02:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7ED6B4-2679-4AA4-B5D7-14D25EF91C05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-isg10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FC2DA1-BB89-45D6-A896-28D322D0AB34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-isg10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EEE87F-615A-4CA9-84CE-C8C6E5251632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-isg200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321E7736-2DBA-4D8F-9D2A-2807296658B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-isg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FFBA1D-875D-4B03-B244-56E0E2EE5AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-isg40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7663290-8A48-4491-9887-E99FED0997FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-isg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77CB8264-530E-47FF-819C-2A9D84034811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-si_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2956049-270F-48B2-99D3-C4F3374C8731",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-si:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A9FA8E-98F0-4B9B-9912-2E168219A704",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-u3100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A941E044-267A-4F9F-BB49-D72F0CDD29BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-u3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF1B13B-6A86-4756-B5CA-31CAFBA787D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-u3210_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF8818B-9665-44C7-B459-E9BF7CAE1835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-u3210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8B0BD6-AA1E-4D68-ACEE-DACDC8FCB800",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "156F9F58-4D3F-41CE-9183-3DE34CBAC150",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87388853-08FC-469D-9CFB-9157AC331E6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x100s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05191250-4BD7-442F-8D26-7D64DFC7F784",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39A8F7C9-6D84-4F33-9031-F47265BE1913",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF55760-4EAA-401A-B2A0-67EDDA2281D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7473CBF-7C1D-478A-97DC-042DA0C4A980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C88BB6-6D8F-4008-B815-00883860B358",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43BEB9-5B5C-4084-A049-B93EBE9B3124",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x20m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E897A7A-B279-49ED-A3CA-14C338563C8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x20m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8095ABB2-9BAE-4883-82C4-727A0E5676D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x20me_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01CBF479-1142-4F63-9216-FF4B09E15F50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x20me:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4706FC42-CD03-4690-867C-71B6CC1222B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x300d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57B23C2D-05A9-4EDB-8FC1-829A402D0882",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x300d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB0D7D3-958D-4CFE-98B2-988B7894E4E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-x60_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DD6935-CC7B-48FE-86A5-229F61F73EB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-x60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B42DC4A5-AFB6-49F0-B7E2-8057F8DE4D51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijie:rg-uac_6000-xs_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5647BA98-4115-4DAB-8780-D6D56F36D2BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijie:rg-uac_6000-xs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA97261-02A0-432F-8A6D-86DB69A1255B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506. This affects an unknown part of the file /view/networkConfig/GRE/gre_add_commit.php. The manipulation of the argument name/remote/local/IP leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263937 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Ruijie RG-UAC hasta 20240506 y clasificada como cr\u00edtica. Una parte desconocida del archivo /view/networkConfig/GRE/gre_add_commit.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento nombre/remoto/local/IP conduce a la inyecci\u00f3n de comandos del sistema operativo. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-263937. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"id": "CVE-2024-4816",
"lastModified": "2025-08-21T18:20:50.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2024-05-14T15:45:07.320",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
],
"url": "https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.263937"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.263937"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.329953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.263937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.263937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.329953"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…