CVE-2023-34644

31.07.2023, 14:15

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.

Code Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Vendor	Product	Version
ruijie	rg-ew1200r_firmware	3.0\(1\)b11p204
ruijie	rg-ew300_firmware	3.0\(1\)b11p204
ruijie	rg-ew3200gx_firmware	3.0\(1\)b11p204
ruijie	rg-ew1200g_firmware	3.0\(1\)b11p204
ruijie	rg-ew1800gx_firmware	3.0\(1\)b11p204
ruijie	rg-ew300r_firmware	3.0\(1\)b11p204
ruijie	rg-ew1200_firmware	3.0\(1\)b11p204
ruijie	rg-eg3000xe_firmware	3.0\(1\)b11p216
ruijie	rg-eg105g_firmware	3.0\(1\)b11p216
ruijie	rg-eg305gh-p-e_firmware	3.0\(1\)b11p216
ruijie	rg-eg105g-p_firmware	3.0\(1\)b11p216
ruijie	rg-eg3230_firmware	3.0\(1\)b11p216
ruijie	rg-eg1000e_firmware	3.0\(1\)b11p216
ruijie	rg-eg105g-e_firmware	3.0\(1\)b11p216
ruijie	rg-eg105gw\(t\)_firmware	3.0\(1\)b11p216
ruijie	rg-eg105gw-x_firmware	3.0\(1\)b11p216
ruijie	rg-eg2000ce_firmware	3.0\(1\)b11p216
ruijie	rg-eg2100-p_firmware	3.0\(1\)b11p216
ruijie	rg-eg209gs_firmware	3.0\(1\)b11p216
ruijie	rg-eg310gh-e_firmware	3.0\(1\)b11p216
ruijie	rg-eg3000eu_firmware	3.0\(1\)b11p216
ruijie	rg-eg210g-p_firmware	3.0\(1\)b11p216
ruijie	rg-eg3250_firmware	3.0\(1\)b11p216
ruijie	re-eg1000m_firmware	3.0\(1\)b11p216
ruijie	rg-eg1000c_firmware	3.0\(1\)b11p216
ruijie	rg-nbs3100-48gt4sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-24gt4xs_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-24sfp_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-8gt4xs_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-24gt4xs-p_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-48gt4xs_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3200-48gt4xs-p_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3100-24gt4sfp_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3100-24gt4sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3100-8gt2sfp_firmware	3.0\(1\)b11p218
ruijie	rg-nbs3100-8gt2sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-24gt4sfp_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-24t4sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-8gt2sfp_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-8gt2sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-8t2sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-24t4sfp_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-24gt4sfp-p_firmware	3.0\(1\)b11p218
ruijie	rg-s1930-8t2sfp_firmware	3.0\(1\)b11p218

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-94 - Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References

https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/

https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001

https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/

https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001