Description

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263113 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

INFO

Published Date :

2024-05-06T00:31:03.849Z

Last Modified :

2024-08-01T20:40:47.396Z

Source :

VulDB
AFFECTED PRODUCTS

The following products are affected by CVE-2024-4509 vulnerability.

Vendors Products
Ruijie
  • Rg-uac
  • Rg-uac 6000-cc
  • Rg-uac 6000-cc Firmware
  • Rg-uac 6000-e10
  • Rg-uac 6000-e10 Firmware
  • Rg-uac 6000-e10c
  • Rg-uac 6000-e10c Firmware
  • Rg-uac 6000-e20
  • Rg-uac 6000-e20 Firmware
  • Rg-uac 6000-e20c
  • Rg-uac 6000-e20c Firmware
  • Rg-uac 6000-e20m
  • Rg-uac 6000-e20m Firmware
  • Rg-uac 6000-e50
  • Rg-uac 6000-e50 Firmware
  • Rg-uac 6000-e50c
  • Rg-uac 6000-e50c Firmware
  • Rg-uac 6000-e50m
  • Rg-uac 6000-e50m Firmware
  • Rg-uac 6000-ea
  • Rg-uac 6000-ea Firmware
  • Rg-uac 6000-ei
  • Rg-uac 6000-ei Firmware
  • Rg-uac 6000-isg02
  • Rg-uac 6000-isg02 Firmware
  • Rg-uac 6000-isg10
  • Rg-uac 6000-isg10 Firmware
  • Rg-uac 6000-isg200
  • Rg-uac 6000-isg200 Firmware
  • Rg-uac 6000-isg40
  • Rg-uac 6000-isg40 Firmware
  • Rg-uac 6000-si
  • Rg-uac 6000-si Firmware
  • Rg-uac 6000-u3100
  • Rg-uac 6000-u3100 Firmware
  • Rg-uac 6000-u3210
  • Rg-uac 6000-u3210 Firmware
  • Rg-uac 6000-x100
  • Rg-uac 6000-x100 Firmware
  • Rg-uac 6000-x100s
  • Rg-uac 6000-x100s Firmware
  • Rg-uac 6000-x20
  • Rg-uac 6000-x200
  • Rg-uac 6000-x200 Firmware
  • Rg-uac 6000-x20 Firmware
  • Rg-uac 6000-x20m
  • Rg-uac 6000-x20m Firmware
  • Rg-uac 6000-x20me
  • Rg-uac 6000-x20me Firmware
  • Rg-uac 6000-x300d
  • Rg-uac 6000-x300d Firmware
  • Rg-uac 6000-x60
  • Rg-uac 6000-x60 Firmware
  • Rg-uac 6000-xs
  • Rg-uac 6000-xs Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-4509.

URL Resource
https://github.com/h0e4a0r1t/-2x3J-1rPc-1-0-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-add_commit.php.pdf cve-icon cve-icon cve-icon
https://vuldb.com/?ctiid.263113 cve-icon cve-icon cve-icon
https://vuldb.com/?id.263113 cve-icon cve-icon cve-icon
https://vuldb.com/?submit.323819 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact