| Titel | Ruijie Ruijie RG-UAC Unified Internet Behavior Management Audit System Ruijie RG-UAC Unified Internet Behavior Management Audit System Command Injection |
|---|
| Beschreibung | There is a command execution vulnerability in the Ruijie RG - UAC application management gateway backend /view/networkConfig/vlan/vlan_add_commit.php interface. An attacker can execute arbitrary commands to control server permissions. |
|---|
| Quelle | ⚠️ https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/z%7CYVDv%7CHKA)*%5CdK!/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-vlan%3Avlan_add_commit.php.pdf |
|---|
| Benutzer | H0e4a0r1t (UID 65358) |
|---|
| Einreichung | 16.05.2024 10:40 (vor 2 Jahren) |
|---|
| Moderieren | 24.05.2024 20:50 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 266242 [Ruijie RG-UAC bis 20240516 vlan_add_commit.php addVlan phyport erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|