CVE-2021-43161

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the doSwitchApi function in /cgi-bin/luci/api/switch.
References
Link Resource
http://ruijie.com Not Applicable
https://seclists.org/fulldisclosure/2022/May/0 Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-05-04 01:15

Updated : 2024-02-28 19:09


NVD link : CVE-2021-43161

Mitre link : CVE-2021-43161

CVE.ORG link : CVE-2021-43161


JSON object : View

Products Affected

ruijienetworks

  • rg-ew1200g_pro
  • rg-ew3200gx_pro
  • rg-ew1200
  • rg-ew1800gx_pro
  • reyeeos
  • rg-ew300_pro
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')