17 matches found
CVE-2024-2910
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-2909
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...
EUVD-2024-27854
Malicious code in bioql PyPI...
EUVD-2024-27853
Malicious code in bioql PyPI...
CVE-2024-2909
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...
CVE-2024-2910
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-2909
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...
CVE-2024-2910
CVE-2024-2910 affects Ruijie RG-EG350 (pre-20240318) in the VPN quick set service. The vulnerable component is the HTTP POST handler function vpnAction in the file /itbox_pi/vpn_quickset_service.php?a=set_vpn. By manipulating arguments ip, port, user, pass, dns, or startIp, an attacker can trigge...
CVE-2024-2910 Ruijie RG-EG350 HTTP POST Request vpnAction os command injection
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-2910 Ruijie RG-EG350 HTTP POST Request vpnAction os command injection
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-2909
CVE-2024-2909 affects Ruijie RG-EG350 up to 20240318. The vulnerability resides in the HTTP POST Request Handler function setAction (file /itbox_pi/networksafe.php?a=set) where manipulation of the bandwidth argument enables OS command injection. It can be exploited remotely; multiple sources conf...
CVE-2024-2909 Ruijie RG-EG350 HTTP POST Request setAction os command injection
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...
CVE-2024-2909 Ruijie RG-EG350 HTTP POST Request setAction os command injection
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...
Ruijie Networks RG-EG350 操作系统命令注入漏洞
Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves today's small and medium-sized network egress challenges. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originates from a...
Ruijie Networks RG-EG350 操作系统命令注入漏洞
Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves the current egress challenges of small and medium-sized networks. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originate...
PT-2024-2500 · Ruijie · Ruijie Rg-Eg350
Name of the Vulnerable Software and Affected Versions: Ruijie RG-EG350 up to 20240318 Description: A critical vulnerability was found in the function setAction of the file /itbox pi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads ...
Ruijie Networks RG-EG Series Routers SQL注入漏洞
Ruijie RG-EG series gateway EG350 is a Ruijie gateway product. sql injection vulnerability exists in RG-EG series gateway EG350 alarmService.php, which allows remote attackers to submit special SQL requests to manipulate the database and obtain sensitive information or execute arbitrary code. cod...