CVE-2023-34644
published 2023-07-31CVE-2023-34644: Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.52%
71.5th percentile
Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.
Affected
58 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruijie | re-eg1000m_firmware | — | — |
| ruijie | rg-eg1000c_firmware | — | — |
| ruijie | rg-eg1000e_firmware | — | — |
| ruijie | rg-eg105g-e_firmware | — | — |
| ruijie | rg-eg105g-p_firmware | — | — |
| ruijie | rg-eg105g_firmware | — | — |
| ruijie | rg-eg105gw-x_firmware | — | — |
| ruijie | rg-eg105gw_firmware | — | — |
| ruijie | rg-eg2000ce_firmware | — | — |
| ruijie | rg-eg209gs_firmware | — | — |
| ruijie | rg-eg2100-p_firmware | — | — |
| ruijie | rg-eg210g-p_firmware | — | — |
| ruijie | rg-eg3000eu_firmware | — | — |
| ruijie | rg-eg3000xe_firmware | — | — |
| ruijie | rg-eg305gh-p-e_firmware | — | — |
| ruijie | rg-eg310gh-e_firmware | — | — |
| ruijie | rg-eg3230_firmware | — | — |
| ruijie | rg-eg3250_firmware | — | — |
| ruijie | rg-ew1200_firmware | — | — |
| ruijie | rg-ew1200g_firmware | — | — |
| ruijie | rg-ew1200r_firmware | — | — |
| ruijie | rg-ew1800gx_firmware | — | — |
| ruijie | rg-ew300_firmware | — | — |
| ruijie | rg-ew300r_firmware | — | — |
| ruijie | rg-ew3200gx_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-07-31
Published