Ruijie Reyee Mesh Router - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Ruijie Reyee Mesh Router - Remote Code Execution RCE Authenticated Google Dork: None Date: November 1, 2021 Exploit Author: Minh Khoa of VSEC Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/resources/products/1896-1900 Version: ReyeeOS...

CVE-2021-43162

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the runPackDiagnose function in /cgi-bin/luci/api/diagnose...

CVE-2021-43163

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the checkNet function in /cgi-bin/luci/api/auth...

CVE-2021-43161

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the doSwitchApi function in /cgi-bin/luci/api/switch...

Remote code execution

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the checkNet function in /cgi-bin/luci/api/auth...

CVE-2021-43160

CVE-2021-43160 affects Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55. The vulnerability arises in the switchFastDhcp function under /cgi-bin/luci/api/diagnose, enabling remote code execution. The connected sources specify the affected product and the vulnerable component, ...

CVE-2021-43160

A Remote Code Execution RCE vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the switchFastDhcp function in /cgi-bin/luci/api/diagnose...