CVE-2024-24117

Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:10.4\(1\)p2_release\(9736\):*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*

History

13 Nov 2024, 22:56

Type Values Removed Values Added
References () https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea - () https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea - Third Party Advisory
References () https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists - () https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists - Exploit, Third Party Advisory
CWE CWE-732
CPE cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:10.4\(1\)p2_release\(9736\):*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*
First Time Ruijie
Ruijie rg-nbs2009g-p Firmware
Ruijie rg-nbs2009g-p
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

04 Oct 2024, 13:50

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de permisos inseguros en Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) permite a un atacante remoto obtener privilegios a través del componente de verificación de estado de inicio de sesión.

02 Oct 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-02 21:15

Updated : 2024-11-13 22:56


NVD link : CVE-2024-24117

Mitre link : CVE-2024-24117

CVE.ORG link : CVE-2024-24117


JSON object : View

Products Affected

ruijie

  • rg-nbs2009g-p
  • rg-nbs2009g-p_firmware
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource