CVE-2023-48849

Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
ruijierg-eg1000c_firmware
3.0\(1\)b11p216
ruijierg-eg1000e_firmware
3.0\(1\)b11p216
ruijierg-eg105g_firmware
3.0\(1\)b11p216
ruijierg-eg105g_v2_firmware
3.0\(1\)b11p216
ruijierg-eg105g-e_firmware
3.0\(1\)b11p216
ruijierg-eg105g-p_firmware
3.0\(1\)b11p216
ruijierg-eg105g-pe_firmware
3.0\(1\)b11p216
ruijierg-eg105gw\(t\)_firmware
3.0\(1\)b11p216
ruijierg-eg105gw-x_firmware
3.0\(1\)b11p216
ruijierg-eg2000ce_firmware
3.0\(1\)b11p216
ruijierg-eg209gs_firmware
3.0\(1\)b11p216
ruijierg-eg2100-p_firmware
3.0\(1\)b11p216
ruijierg-eg210g-e_firmware
3.0\(1\)b11p216
ruijierg-eg210g-p_firmware
3.0\(1\)b11p216
ruijierg-eg210g-pe_firmware
3.0\(1\)b11p216
ruijierg-eg3000eu_firmware
3.0\(1\)b11p216
ruijierg-eg3000xe_firmware
3.0\(1\)b11p216
ruijierg-eg305gh-p-e_firmware
3.0\(1\)b11p216
ruijierg-eg310gh-e_firmware
3.0\(1\)b11p216
ruijierg-eg3230_firmware
3.0\(1\)b11p216
ruijierg-eg3250_firmware
3.0\(1\)b11p216
𝑥
= Vulnerable software versions
References
https://github.com/delsploit/CVE-2023-48849
https://github.com/delsploit/CVE-2023-48849