A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the switchFastDhcp function in /cgi-bin/luci/api/diagnose.
References
Link | Resource |
---|---|
http://ruijie.com | Not Applicable |
https://seclists.org/fulldisclosure/2022/May/0 | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2022-05-04 01:15
Updated : 2024-02-28 19:09
NVD link : CVE-2021-43160
Mitre link : CVE-2021-43160
CVE.ORG link : CVE-2021-43160
JSON object : View
Products Affected
ruijienetworks
- rg-ew1200g_pro
- rg-ew3200gx_pro
- rg-ew1200
- rg-ew1800gx_pro
- reyeeos
- rg-ew300_pro
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')