Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for rg-nbs2009g-p_firmware by ruijie

    CVE-2024-24117 (GCVE-0-2024-24117)

    Vulnerability from nvd – Published: 2024-10-02 00:00 – Updated: 2025-03-13 13:39
    VLAI
    Summary
    Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24117",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-13T13:39:20.372816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-732",
                    "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:39:47.853Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T20:14:39.597Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists"
            },
            {
              "url": "https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-24117",
        "datePublished": "2024-10-02T00:00:00.000Z",
        "dateReserved": "2024-01-25T00:00:00.000Z",
        "dateUpdated": "2025-03-13T13:39:47.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24116 (GCVE-0-2024-24116)

    Vulnerability from nvd – Published: 2024-10-02 00:00 – Updated: 2025-02-10 22:50
    VLAI
    Summary
    An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-280 - Improper Handling of Insufficient Permissions or Privileges
    Assigner
    Impacted products
    Vendor Product Version
    ruijie rg-nbs2009g-p_firmware Affected: 10.4\(1\)P2 Release\(9736\)
        cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p_firmware",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "10.4\\(1\\)P2 Release\\(9736\\)"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24116",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-25T18:22:39.538377Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-280",
                    "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-10T22:50:17.892Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T18:21:42.158Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Unauthorized%20Access%20Vulnerability"
            },
            {
              "url": "https://gist.github.com/zty-1995/7a5e3ad0eb3b6c44db1a6eb4092893d3"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-24116",
        "datePublished": "2024-10-02T00:00:00.000Z",
        "dateReserved": "2024-01-25T00:00:00.000Z",
        "dateUpdated": "2025-02-10T22:50:17.892Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-2642 (GCVE-0-2024-2642)

    Vulnerability from nvd – Published: 2024-03-19 21:31 – Updated: 2024-08-19 17:12
    VLAI
    Title
    Ruijie RG-NBS2009G-P EXCU_SHELL command injection
    Summary
    A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.257281 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.257281 signaturepermissions-required
    https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20R… exploit
    Impacted products
    Vendor Product Version
    Ruijie RG-NBS2009G-P Affected: 20240305
    Create a notification for this product.
    ruijie rg-nbs2009g-p_firmware Affected: 0 , ≤ 20240305 (custom)
        cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    H0e4a0r1t (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:18:48.175Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-257281 | Ruijie RG-NBS2009G-P EXCU_SHELL command injection",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.257281"
              },
              {
                "name": "VDB-257281 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.257281"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20RG-NBS2009G-P%20switch%20has%20a%20foreground%20CLI%20command%20injection%20vulnerability.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p_firmware",
                "vendor": "ruijie",
                "versions": [
                  {
                    "lessThanOrEqual": "20240305",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2642",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-19T17:10:27.367342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-19T17:12:16.116Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RG-NBS2009G-P",
              "vendor": "Ruijie",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240305"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "H0e4a0r1t (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In Ruijie RG-NBS2009G-P bis 20240305 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /EXCU_SHELL. Mit der Manipulation des Arguments Command1 mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-19T21:31:03.872Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-257281 | Ruijie RG-NBS2009G-P EXCU_SHELL command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.257281"
            },
            {
              "name": "VDB-257281 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.257281"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20RG-NBS2009G-P%20switch%20has%20a%20foreground%20CLI%20command%20injection%20vulnerability.pdf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-19T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-03-19T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-03-19T14:40:28.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Ruijie RG-NBS2009G-P EXCU_SHELL command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-2642",
        "datePublished": "2024-03-19T21:31:03.872Z",
        "dateReserved": "2024-03-19T13:35:14.712Z",
        "dateUpdated": "2024-08-19T17:12:16.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-2641 (GCVE-0-2024-2641)

    Vulnerability from nvd – Published: 2024-03-19 20:31 – Updated: 2024-08-01 19:18
    VLAI
    Title
    Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization
    Summary
    A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ruijie RG-NBS2009G-P Affected: 20240305
    Create a notification for this product.
    ruijie rg-nbs2009g-p Affected: 0 , < 20240305 (custom)
        cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    H0e4a0r1t (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p",
                "vendor": "ruijie",
                "versions": [
                  {
                    "lessThan": "20240305",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2641",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T21:27:21.427242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T21:29:11.217Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:18:47.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-257280 | Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.257280"
              },
              {
                "name": "VDB-257280 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.257280"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://h0e4a0r1t.github.io/2024/vulns/Unauthorized%20access%20vulnerability%20in%20Ruijie%20RG-NBS2009G-P%20switch.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Password Handler"
              ],
              "product": "RG-NBS2009G-P",
              "vendor": "Ruijie",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240305"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "H0e4a0r1t (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in Ruijie RG-NBS2009G-P bis 20240305 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /system/passwdManage.htm der Komponente Password Handler. Dank Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-19T20:31:04.208Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-257280 | Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.257280"
            },
            {
              "name": "VDB-257280 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.257280"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://h0e4a0r1t.github.io/2024/vulns/Unauthorized%20access%20vulnerability%20in%20Ruijie%20RG-NBS2009G-P%20switch.pdf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-19T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-03-19T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-03-19T14:40:25.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-2641",
        "datePublished": "2024-03-19T20:31:04.208Z",
        "dateReserved": "2024-03-19T13:35:12.606Z",
        "dateUpdated": "2024-08-01T19:18:47.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38902 (GCVE-0-2023-38902)

    Vulnerability from nvd – Published: 2023-08-17 00:00 – Updated: 2024-10-08 14:50
    VLAI
    Summary
    A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    ruijie rg-ew_series_routers_and_repeaters Affected: v.ew_3.0(1)B11P219
        cpe:2.3:h:ruijie:rg-ew_series_routers_and_repeaters:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-ew Affected: 0
        cpe:2.3:h:ruijie:rg-ew:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-s1930 Affected: v.switch_3.0(1)b11p219
        cpe:2.3:h:ruijie:rg-s1930:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-eg Affected: v.eg_3.0(1)b11p219
        cpe:2.3:h:ruijie:rg-eg:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie nbc_series_wireless_controllers Affected: v.ac_3.0(1)b11p219
        cpe:2.3:h:ruijie:nbc_series_wireless_controllers:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:54:39.341Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-ew_series_routers_and_repeaters:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-ew_series_routers_and_repeaters",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.ew_3.0(1)B11P219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-ew:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-ew",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-s1930:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-s1930",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.switch_3.0(1)b11p219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-eg:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-eg",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.eg_3.0(1)b11p219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:nbc_series_wireless_controllers:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nbc_series_wireless_controllers",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.ac_3.0(1)b11p219"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38902",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T14:37:46.430806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T14:50:58.719Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-18T18:19:51.741Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-38902",
        "datePublished": "2023-08-17T00:00:00.000Z",
        "dateReserved": "2023-07-25T00:00:00.000Z",
        "dateUpdated": "2024-10-08T14:50:58.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24117 (GCVE-0-2024-24117)

    Vulnerability from cvelistv5 – Published: 2024-10-02 00:00 – Updated: 2025-03-13 13:39
    VLAI
    Summary
    Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24117",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-13T13:39:20.372816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-732",
                    "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:39:47.853Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T20:14:39.597Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists"
            },
            {
              "url": "https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-24117",
        "datePublished": "2024-10-02T00:00:00.000Z",
        "dateReserved": "2024-01-25T00:00:00.000Z",
        "dateUpdated": "2025-03-13T13:39:47.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24116 (GCVE-0-2024-24116)

    Vulnerability from cvelistv5 – Published: 2024-10-02 00:00 – Updated: 2025-02-10 22:50
    VLAI
    Summary
    An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-280 - Improper Handling of Insufficient Permissions or Privileges
    Assigner
    Impacted products
    Vendor Product Version
    ruijie rg-nbs2009g-p_firmware Affected: 10.4\(1\)P2 Release\(9736\)
        cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p_firmware",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "10.4\\(1\\)P2 Release\\(9736\\)"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24116",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-25T18:22:39.538377Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-280",
                    "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-10T22:50:17.892Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T18:21:42.158Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Unauthorized%20Access%20Vulnerability"
            },
            {
              "url": "https://gist.github.com/zty-1995/7a5e3ad0eb3b6c44db1a6eb4092893d3"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-24116",
        "datePublished": "2024-10-02T00:00:00.000Z",
        "dateReserved": "2024-01-25T00:00:00.000Z",
        "dateUpdated": "2025-02-10T22:50:17.892Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-2642 (GCVE-0-2024-2642)

    Vulnerability from cvelistv5 – Published: 2024-03-19 21:31 – Updated: 2024-08-19 17:12
    VLAI
    Title
    Ruijie RG-NBS2009G-P EXCU_SHELL command injection
    Summary
    A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.257281 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.257281 signaturepermissions-required
    https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20R… exploit
    Impacted products
    Vendor Product Version
    Ruijie RG-NBS2009G-P Affected: 20240305
    Create a notification for this product.
    ruijie rg-nbs2009g-p_firmware Affected: 0 , ≤ 20240305 (custom)
        cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    H0e4a0r1t (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:18:48.175Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-257281 | Ruijie RG-NBS2009G-P EXCU_SHELL command injection",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.257281"
              },
              {
                "name": "VDB-257281 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.257281"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20RG-NBS2009G-P%20switch%20has%20a%20foreground%20CLI%20command%20injection%20vulnerability.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p_firmware",
                "vendor": "ruijie",
                "versions": [
                  {
                    "lessThanOrEqual": "20240305",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2642",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-19T17:10:27.367342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-19T17:12:16.116Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RG-NBS2009G-P",
              "vendor": "Ruijie",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240305"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "H0e4a0r1t (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In Ruijie RG-NBS2009G-P bis 20240305 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /EXCU_SHELL. Mit der Manipulation des Arguments Command1 mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-19T21:31:03.872Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-257281 | Ruijie RG-NBS2009G-P EXCU_SHELL command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.257281"
            },
            {
              "name": "VDB-257281 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.257281"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://h0e4a0r1t.github.io/2024/vulns/Ruijie%20RG-NBS2009G-P%20switch%20has%20a%20foreground%20CLI%20command%20injection%20vulnerability.pdf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-19T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-03-19T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-03-19T14:40:28.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Ruijie RG-NBS2009G-P EXCU_SHELL command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-2642",
        "datePublished": "2024-03-19T21:31:03.872Z",
        "dateReserved": "2024-03-19T13:35:14.712Z",
        "dateUpdated": "2024-08-19T17:12:16.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-2641 (GCVE-0-2024-2641)

    Vulnerability from cvelistv5 – Published: 2024-03-19 20:31 – Updated: 2024-08-01 19:18
    VLAI
    Title
    Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization
    Summary
    A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ruijie RG-NBS2009G-P Affected: 20240305
    Create a notification for this product.
    ruijie rg-nbs2009g-p Affected: 0 , < 20240305 (custom)
        cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    H0e4a0r1t (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-nbs2009g-p",
                "vendor": "ruijie",
                "versions": [
                  {
                    "lessThan": "20240305",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2641",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T21:27:21.427242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T21:29:11.217Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:18:47.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-257280 | Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.257280"
              },
              {
                "name": "VDB-257280 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.257280"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://h0e4a0r1t.github.io/2024/vulns/Unauthorized%20access%20vulnerability%20in%20Ruijie%20RG-NBS2009G-P%20switch.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Password Handler"
              ],
              "product": "RG-NBS2009G-P",
              "vendor": "Ruijie",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240305"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "H0e4a0r1t (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in Ruijie RG-NBS2009G-P bis 20240305 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /system/passwdManage.htm der Komponente Password Handler. Dank Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-19T20:31:04.208Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-257280 | Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.257280"
            },
            {
              "name": "VDB-257280 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.257280"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://h0e4a0r1t.github.io/2024/vulns/Unauthorized%20access%20vulnerability%20in%20Ruijie%20RG-NBS2009G-P%20switch.pdf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-19T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-03-19T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-03-19T14:40:25.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-2641",
        "datePublished": "2024-03-19T20:31:04.208Z",
        "dateReserved": "2024-03-19T13:35:12.606Z",
        "dateUpdated": "2024-08-01T19:18:47.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38902 (GCVE-0-2023-38902)

    Vulnerability from cvelistv5 – Published: 2023-08-17 00:00 – Updated: 2024-10-08 14:50
    VLAI
    Summary
    A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    ruijie rg-ew_series_routers_and_repeaters Affected: v.ew_3.0(1)B11P219
        cpe:2.3:h:ruijie:rg-ew_series_routers_and_repeaters:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-ew Affected: 0
        cpe:2.3:h:ruijie:rg-ew:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-s1930 Affected: v.switch_3.0(1)b11p219
        cpe:2.3:h:ruijie:rg-s1930:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie rg-eg Affected: v.eg_3.0(1)b11p219
        cpe:2.3:h:ruijie:rg-eg:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ruijie nbc_series_wireless_controllers Affected: v.ac_3.0(1)b11p219
        cpe:2.3:h:ruijie:nbc_series_wireless_controllers:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:54:39.341Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-ew_series_routers_and_repeaters:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-ew_series_routers_and_repeaters",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.ew_3.0(1)B11P219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-ew:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-ew",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-s1930:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-s1930",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.switch_3.0(1)b11p219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:rg-eg:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rg-eg",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.eg_3.0(1)b11p219"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:ruijie:nbc_series_wireless_controllers:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nbc_series_wireless_controllers",
                "vendor": "ruijie",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v.ac_3.0(1)b11p219"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38902",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T14:37:46.430806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T14:50:58.719Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-18T18:19:51.741Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-38902",
        "datePublished": "2023-08-17T00:00:00.000Z",
        "dateReserved": "2023-07-25T00:00:00.000Z",
        "dateUpdated": "2024-10-08T14:50:58.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }