CVE-2023-34644

Published: Jul 31, 2023Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.

Affected (65)

Products: Ruijie: Rg Ew1200r Firmware, Rg Ew300 Firmware, Rg Ew3200gx Firmware, Rg Ew1200g Firmware, Rg Ew1800gx Firmware, Rg Ew300r Firmware, Rg Ew1200 Firmware, Rg Eg3000xe Firmware, Rg Eg105g Firmware, Rg Eg305gh P E Firmware, Rg Eg105g P Firmware, Rg Eg3230 Firmware, Rg Eg1000e Firmware, Rg Eg105g E Firmware, Rg Eg105gw(t) Firmware, Rg Eg105gw X Firmware, Rg Eg2000ce Firmware, Rg Eg2100 P Firmware, Rg Eg209gs Firmware, Rg Eg310gh E Firmware, Rg Eg3000eu Firmware, Rg Eg210g P Firmware, Rg Eg3250 Firmware, Re Eg1000m Firmware, Rg Eg1000c Firmware, Rg Nbs3100 48gt4sfp P Firmware, Rg Nbs3200 24gt4xs Firmware, Rg Nbs3200 24sfp Firmware, Rg Nbs3200 8gt4xs Firmware, Rg Nbs3200 24gt4xs P Firmware, Rg Nbs3200 48gt4xs Firmware, Rg Nbs3200 48gt4xs P Firmware, Rg Nbs3100 24gt4sfp Firmware, Rg Nbs3100 24gt4sfp P Firmware, Rg Nbs3100 8gt2sfp Firmware, Rg Nbs3100 8gt2sfp P Firmware, Rg Rap1260 Firmware, Rg Rap2266 Firmware, Rg Rap1261 Firmware, Rg Rap73hd Firmware, Rg Rap2200(e) Firmware, Rg Rap6260(h) Firmware, Rg Rap1200(p) Firmware, Rg Rap2260(e) Firmware, Rg Rap6262(g) Firmware, Rg Rap6262 Firmware, Rg Rap2260 Firmware, Rg Rap6202(g) Firmware, Rg Rap1201 Firmware, Rg Rap1200(f) Firmware, Rg Rap2260(f) Firmware, Rg Rap2200(f) Firmware, Rg Rap6260(g) Firmware, Rg Rap2260(g) Firmware, Rg Rap6260(h) D Firmware, Rg Nbc256 Firmware, Rg Nbc512 Firmware, Rg S1930 24gt4sfp Firmware, Rg S1930 24t4sfp P Firmware, Rg S1930 8gt2sfp Firmware, Rg S1930 8gt2sfp P Firmware, Rg S1930 8t2sfp P Firmware, Rg S1930 24t4sfp Firmware, Rg S1930 24gt4sfp P Firmware, Rg S1930 8t2sfp Firmware

65 products

Rg Eg305gh P E Firmware

Rg Eg105gw(t) Firmware

Rg Eg105gw X Firmware

Rg Eg2000ce Firmware

Rg Eg2100 P Firmware

Rg Eg209gs Firmware

Rg Eg310gh E Firmware

Rg Nbs3100 48gt4sfp P Firmware

Rg Nbs3200 24gt4xs Firmware

Rg Nbs3200 24sfp Firmware

Rg Nbs3200 8gt4xs Firmware

Rg Nbs3200 24gt4xs P Firmware

Rg Nbs3200 48gt4xs Firmware

Rg Nbs3200 48gt4xs P Firmware

Rg Nbs3100 24gt4sfp Firmware

Rg Nbs3100 24gt4sfp P Firmware

Rg Nbs3100 8gt2sfp Firmware

Rg Nbs3100 8gt2sfp P Firmware

Rg Rap2200(e) Firmware

Rg Rap6260(h) Firmware

Rg Rap1200(p) Firmware

Rg Rap2260(e) Firmware

Rg Rap6262(g) Firmware

Rg Rap6262 Firmware

Rg Rap2260 Firmware

Rg Rap6202(g) Firmware

Rg Rap1201 Firmware

Rg Rap1200(f) Firmware

Rg Rap2260(f) Firmware

Rg Rap2200(f) Firmware

Rg Rap6260(g) Firmware

Rg Rap2260(g) Firmware

Rg Rap6260(h) D Firmware

Rg Nbc256 Firmware

Rg Nbc512 Firmware

Rg S1930 24gt4sfp Firmware

Rg S1930 24t4sfp P Firmware

Rg S1930 8gt2sfp Firmware

Rg S1930 8gt2sfp P Firmware

Rg S1930 8t2sfp P Firmware

Rg S1930 24t4sfp Firmware

Rg S1930 24gt4sfp P Firmware

Rg S1930 8t2sfp Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew1200r Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew1200r	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew300 Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew300	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew3200gx Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew3200gx	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew1200g Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew1200g	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew1800gx Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew1800gx	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew300r Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew300r	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Ew1200 Firmware	Version 3.0(1)b11p204

Running on/with	Platform Versions
Ruijie Rg Ew1200	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg3000xe Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg3000xe	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg105g Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg105g	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg305gh P E Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg305gh P E	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg105g P Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg105g P	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg3230 Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg3230	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg1000e Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg1000e	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg105g E Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg105g E	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg105gw(t) Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg105gw(t)	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg105gw X Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg105gw X	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg2000ce Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg2000ce	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg2100 P Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg2100 P	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg209gs Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg209gs	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg310gh E Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg310gh E	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg3000eu Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg3000eu	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg210g P Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg210g P	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg3250 Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg3250	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Re Eg1000m Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Re Eg1000m	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Eg1000c Firmware	Version 3.0(1)b11p216

Running on/with	Platform Versions
Ruijie Rg Eg1000c	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3100 48gt4sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3100 48gt4sfp P	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 24gt4xs Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 24gt4xs	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 24sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 24sfp	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 8gt4xs Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 8gt4xs	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 24gt4xs P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 24gt4xs P	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 48gt4xs Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 48gt4xs	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3200 48gt4xs P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3200 48gt4xs P	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3100 24gt4sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3100 24gt4sfp	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3100 24gt4sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3100 24gt4sfp P	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3100 8gt2sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3100 8gt2sfp	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbs3100 8gt2sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Nbs3100 8gt2sfp P	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap1260 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap1260	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2266 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2266	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap1261 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap1261	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap73hd Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap73hd	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2200(e) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2200(e)	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6260(h) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6260(h)	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap1200(p) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap1200(p)	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2260(e) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2260(e)	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6262(g) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6262(g)	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6262 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6262	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2260 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2260	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6202(g) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6202(g)	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap1201 Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap1201	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap1200(f) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap1200(f)	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2260(f) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2260(f)	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2200(f) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2200(f)	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6260(g) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6260(g)	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap2260(g) Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap2260(g)	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Rap6260(h) D Firmware	Version ap_3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg Rap6260(h) D	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbc256 Firmware	Version ac_3.0(1)b11p86

Running on/with	Platform Versions
Ruijie Rg Nbc256	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg Nbc512 Firmware	Version ac_3.0(1)b11p86

Running on/with	Platform Versions
Ruijie Rg Nbc512	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 24gt4sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 24gt4sfp	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 24t4sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 24t4sfp P	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 8gt2sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 8gt2sfp	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 8gt2sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 8gt2sfp P	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 8t2sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 8t2sfp P	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 24t4sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 24t4sfp	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 24gt4sfp P Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 24gt4sfp P	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ruijie Rg S1930 8t2sfp Firmware	Version 3.0(1)b11p218

Running on/with	Platform Versions
Ruijie Rg S1930 8t2sfp	All versions

Related CWEs

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (4)

https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/

Source: cve@mitre.org

PatchVendor Advisory

https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001

Source: cve@mitre.org

https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.ruijienetworks.com/support/securityBulletins/cybersecurity_bulletins/10001

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.