Lucene search

[email protected]NVD:CVE-2023-26800

HistoryMar 26, 2023 - 9:15 p.m.

CVE-2023-26800

2023-03-2621:15:06

CWE-77

[email protected]

web.nvd.nist.gov

ruijie networks

wireless routers

command injection

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.1%

JSON

Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function.

Affected configurations

Nvd

Node

ruijienetworksrg-ew1200rMatch-

AND

ruijienetworksrg-ew1200r_firmwareMatchew_3.0\(1\)b11p204

Node

ruijienetworksrg-ew1200Match-

AND

ruijienetworksrg-ew1200_firmwareMatchew_3.0\(1\)b11p204

Node

ruijienetworksrg-ew1200g_proMatch-

AND

ruijienetworksrg-ew1200g_pro_firmwareMatchew_3.0\(1\)b11p204

VendorProductVersionCPE
ruijienetworksrg-ew1200r-cpe:2.3:h:ruijienetworks:rg-ew1200r:-:*:*:*:*:*:*:*
ruijienetworksrg-ew1200r_firmwareew_3.0(1)b11p204cpe:2.3:o:ruijienetworks:rg-ew1200r_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:*
ruijienetworksrg-ew1200-cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*
ruijienetworksrg-ew1200_firmwareew_3.0(1)b11p204cpe:2.3:o:ruijienetworks:rg-ew1200_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:*
ruijienetworksrg-ew1200g_pro-cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*
ruijienetworksrg-ew1200g_pro_firmwareew_3.0(1)b11p204cpe:2.3:o:ruijienetworks:rg-ew1200g_pro_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ruijienetworks	rg-ew1200r	-	cpe:2.3:h:ruijienetworks:rg-ew1200r:-:::::::*
ruijienetworks	rg-ew1200r_firmware	ew_3.0(1)b11p204	cpe:2.3:o:ruijienetworks:rg-ew1200r_firmware:ew_3.0\(1\)b11p204:::::::*
ruijienetworks	rg-ew1200	-	cpe:2.3:h:ruijienetworks:rg-ew1200:-:::::::*
ruijienetworks	rg-ew1200_firmware	ew_3.0(1)b11p204	cpe:2.3:o:ruijienetworks:rg-ew1200_firmware:ew_3.0\(1\)b11p204:::::::*
ruijienetworks	rg-ew1200g_pro	-	cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:::::::*
ruijienetworks	rg-ew1200g_pro_firmware	ew_3.0(1)b11p204	cpe:2.3:o:ruijienetworks:rg-ew1200g_pro_firmware:ew_3.0\(1\)b11p204:::::::*

References

github.com/winmt/my-vuls/tree/main/RG-EW1200

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.1%

JSON

Related for NVD:CVE-2023-26800

cvelist1 prion1 cve1