The vulnerability of the vpnAction function (/itbox_pi/vpn_quickset_service.php?a=set_vpn) in the microprogramming software for Ruijie’s RG-EG series routers allows a hacker to execute arbitrary commands.

The vulnerability of the vpnAction function /itboxpi/vpnquicksetservice.php?a=setvpn of the Ruijie RG-EG series router microprogramming software is related to the failure to eliminate special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to...

CVE-2024-2910

A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...

Ruijie Networks RG-EG350 操作系统命令注入漏洞

Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves the current egress challenges of small and medium-sized networks. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originate...