Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
References
Link | Resource |
---|---|
https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea | Third Party Advisory |
https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
13 Nov 2024, 22:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/zty-1995/dbb3d5b2dbf65b4de5b71e57d08139ea - Third Party Advisory | |
References | () https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Any%20user%20login%20exists - Exploit, Third Party Advisory | |
CWE | CWE-732 | |
CPE | cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:10.4\(1\)p2_release\(9736\):*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:* |
|
First Time |
Ruijie
Ruijie rg-nbs2009g-p Firmware Ruijie rg-nbs2009g-p |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
04 Oct 2024, 13:50
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Oct 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-02 21:15
Updated : 2024-11-13 22:56
NVD link : CVE-2024-24117
Mitre link : CVE-2024-24117
CVE.ORG link : CVE-2024-24117
JSON object : View
Products Affected
ruijie
- rg-nbs2009g-p
- rg-nbs2009g-p_firmware
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource