The vulnerability of the /view/systemConfig/sys_user/user_commit.php file in the Ruijie RG-UAC router microprogramming system allows a attacker to execute any command they desire.

The vulnerability of the /view/systemConfig/sysuser/usercommit.php file in the Ruijie RG-UAC network management tool exists due to the failure to eliminate special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

CVE-2024-5337 Ruijie RG-UAC user_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical. This issue affects some unknown processing of the file /view/systemConfig/sysuser/usercommit.php. The manipulation of the argument email2/username leads to os command injection. The attack may be initiated...

CVE-2024-5337

CVE-2024-5337 affects Ruijie RG-UAC (up to 20240516). The vulnerability arises in the processing of /view/systemConfig/sys_user/user_commit.php, where manipulation of the email2/user_name parameter leads to OS command injection. The issue can be triggered remotely and has public disclosures. Conn...

CVE-2024-5337 Ruijie RG-UAC user_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical. This issue affects some unknown processing of the file /view/systemConfig/sysuser/usercommit.php. The manipulation of the argument email2/username leads to os command injection. The attack may be initiated...