MEDIUM🇬🇧 English

CVE-2024-2641

CVSS 5.3v3.1pub. 2024-03-19upd. 2025-08-21

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • Ruijie Rg Nbs2009g P

    HW
    Ruijie
    wszystkie wersje
  • Ruijie Rg Nbs2009g P Firmware

    OS
    Ruijie
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-24116CRITICAL9.8PL ✓ten sam produkt

Nieautoryzowane uzyskanie uprawnień w Ruijie RG-NBS2009G-P via config_menu.htm

CVE-2024-24117CRITICAL9.8PL ✓ten sam produkt

Nieprawidłowe uprawnienia w Ruijie RG-NBS2009G-P umożliwiają privilege escalation

CVE-2024-2642HIGH7.3ten sam produkt

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected b...

CVE-2023-38902HIGH8.8ten sam produkt

A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG...

CVE-2025-56752CRITICAL9.4PL ✓ten sam vendor

Pominięcie uwierzytelnienia w przełącznikach Ruijie RG-ES Series