cbcvebase.
CVE-2024-24116
published 2024-10-02

CVE-2024-24116: An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.

PriorityP179critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
24.14%
97.6th percentile
An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.

Affected

1 ranges
VendorProductVersion rangeFixed in
ruijierg-nbs2009g-p_firmware

Detection & IOCsextracted from sources · hover to see the quote

url/system/config_menu.htm
path/system/config_menu.htm
otherconfigManage.asp
  • Send an unauthenticated HTTP GET request to /system/config_menu.htm; a 200 response containing both 'configManage.asp' and 'reinitIframe()' in the body confirms the authentication bypass is exploitable.
  • FOFA fingerprint query 'body="ruijie.com.cn"' can be used to identify exposed Ruijie devices on the internet for mass scanning.
  • ·Vulnerability is confirmed only against RGOS v.10.4(1)P2 Release(9736) on the RG-NBS2009G-P model; other firmware versions are not confirmed affected.
  • ·The exploit requires no authentication, no user interaction, and is remotely exploitable over the network (CVSS AV:N/AC:L/PR:N/UI:N), making it trivially weaponisable at scale.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.