Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function.
References
| Link | Resource |
|---|---|
| https://github.com/winmt/my-vuls/tree/main/RG-EW1200 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
03 Apr 2023, 16:33
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/winmt/my-vuls/tree/main/RG-EW1200 - Exploit, Third Party Advisory | |
| CWE | CWE-77 | |
| First Time |
Ruijienetworks rg-ew1200
Ruijienetworks rg-ew1200 Firmware Ruijienetworks rg-ew1200g Pro Firmware Ruijienetworks rg-ew1200r Firmware Ruijienetworks rg-ew1200r Ruijienetworks rg-ew1200g Pro Ruijienetworks |
|
| CPE | cpe:2.3:o:ruijienetworks:rg-ew1200_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:* cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:* cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:* cpe:2.3:o:ruijienetworks:rg-ew1200g_pro_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:* cpe:2.3:o:ruijienetworks:rg-ew1200r_firmware:ew_3.0\(1\)b11p204:*:*:*:*:*:*:* cpe:2.3:h:ruijienetworks:rg-ew1200r:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
26 Mar 2023, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-03-26 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-26800
Mitre link : CVE-2023-26800
CVE.ORG link : CVE-2023-26800
JSON object : View
Products Affected
ruijienetworks
- rg-ew1200_firmware
- rg-ew1200r_firmware
- rg-ew1200g_pro_firmware
- rg-ew1200r
- rg-ew1200g_pro
- rg-ew1200
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')