Description

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability.

INFO

Published Date :

2024-04-27T14:31:05.426Z

Last Modified :

2024-08-01T20:33:53.199Z

Source :

VulDB
AFFECTED PRODUCTS

The following products are affected by CVE-2024-4255 vulnerability.

Vendors Products
Ruijie
  • Rg-uac
  • Rg-uac 6000-cc
  • Rg-uac 6000-cc Firmware
  • Rg-uac 6000-e10
  • Rg-uac 6000-e10 Firmware
  • Rg-uac 6000-e10c
  • Rg-uac 6000-e10c Firmware
  • Rg-uac 6000-e20
  • Rg-uac 6000-e20 Firmware
  • Rg-uac 6000-e20c
  • Rg-uac 6000-e20c Firmware
  • Rg-uac 6000-e20m
  • Rg-uac 6000-e20m Firmware
  • Rg-uac 6000-e50
  • Rg-uac 6000-e50 Firmware
  • Rg-uac 6000-e50c
  • Rg-uac 6000-e50c Firmware
  • Rg-uac 6000-e50m
  • Rg-uac 6000-e50m Firmware
  • Rg-uac 6000-ea
  • Rg-uac 6000-ea Firmware
  • Rg-uac 6000-ei
  • Rg-uac 6000-ei Firmware
  • Rg-uac 6000-isg02
  • Rg-uac 6000-isg02 Firmware
  • Rg-uac 6000-isg10
  • Rg-uac 6000-isg10 Firmware
  • Rg-uac 6000-isg200
  • Rg-uac 6000-isg200 Firmware
  • Rg-uac 6000-isg40
  • Rg-uac 6000-isg40 Firmware
  • Rg-uac 6000-si
  • Rg-uac 6000-si Firmware
  • Rg-uac 6000-u3100
  • Rg-uac 6000-u3100 Firmware
  • Rg-uac 6000-u3210
  • Rg-uac 6000-u3210 Firmware
  • Rg-uac 6000-x100
  • Rg-uac 6000-x100 Firmware
  • Rg-uac 6000-x100s
  • Rg-uac 6000-x100s Firmware
  • Rg-uac 6000-x20
  • Rg-uac 6000-x200
  • Rg-uac 6000-x200 Firmware
  • Rg-uac 6000-x20 Firmware
  • Rg-uac 6000-x20m
  • Rg-uac 6000-x20m Firmware
  • Rg-uac 6000-x20me
  • Rg-uac 6000-x20me Firmware
  • Rg-uac 6000-x300d
  • Rg-uac 6000-x300d Firmware
  • Rg-uac 6000-x60
  • Rg-uac 6000-x60 Firmware
  • Rg-uac 6000-xs
  • Rg-uac 6000-xs Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-4255.

URL Resource
https://github.com/h0e4a0r1t/g-hdkyyf7L-Z8-5v/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_edit_commit.php.pdf cve-icon cve-icon cve-icon
https://vuldb.com/?ctiid.262145 cve-icon cve-icon cve-icon
https://vuldb.com/?id.262145 cve-icon cve-icon cve-icon
https://vuldb.com/?submit.319820 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact