CVE-2023-4415
published 2023-08-18CVE-2023-4415: A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file…
PriorityP277high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
56.15%
98.9th percentile
A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruijie | rg-ew1200g | — | — |
| ruijienetworks | rg-ew1200g_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
otherapp.2fe6356cdd1ddd0eb8d6317d1a48d379.css
commandPOST /api/sys/login {"username":"2","password":"admin","timestamp":1695218596000}
- →POST request to /api/sys/login with username '2' and password 'admin' — anomalous/trivial credentials used to trigger authentication bypass
- →Successful exploitation returns HTTP 200 with JSON body containing '"result":"ok"' and '"msg":"登入成功"' (login success in Chinese)
- →Response Content-Type header is application/json on successful bypass
- →Fingerprint vulnerable Ruijie RG-EW1200G devices via Shodan/FOFA using the CSS asset hash in the HTML body
- ·Vulnerability is specific to Ruijie RG-EW1200G firmware version 07161417 r483; other firmware versions may not be affected ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_oracle5.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6f6j-w84g-cp4x: A vulnerability was found in Ruijie RG-EW1200G 07161417 r483
ghsa_unreviewed·2023-08-18
CVE-2023-4415 [HIGH] CWE-287 GHSA-6f6j-w84g-cp4x: A vulnerability was found in Ruijie RG-EW1200G 07161417 r483
A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Oracle
Oracle Oracle Communications Risk Matrix: Policy (systemd) — CVE-2022-4415
vendor_oracle·2023-04-15·CVSS 5.5
CVE-2022-4415 [MEDIUM] Oracle Oracle Communications Risk Matrix: Policy (systemd) — CVE-2022-4415
Oracle Oracle Communications Risk Matrix: Policy (systemd) vulnerability
CVE: CVE-2022-4415
CVSS: 5.5
Protocol: None
Remote exploit: No
Affected versions: Local
Advisory: cpuapr2023 (APR 2023)
No detection rules found.
Nuclei
Ruijie RG-EW1200G Router Background - Login Bypass
nuclei·CVSS 8.8
CVE-2023-4415 [HIGH] Ruijie RG-EW1200G Router Background - Login Bypass
Ruijie RG-EW1200G Router Background - Login Bypass
A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability.
Template:
id: CVE-2023-4415
info:
name: Ruijie RG-EW1200G Router Background - Login Bypass
author: DhiyaneshDK
severity: high
description: |
A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentica
No writeups or analysis indexed.
2023-08-18
Published