MEDIUM🇵🇱 Wersja polska

CVE-2024-2641

CVSS 5.3v3.1pub. 2024-03-19upd. 2025-08-21

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • Ruijie Rg Nbs2009g P

    HW
    Ruijie
    wszystkie wersje
  • Ruijie Rg Nbs2009g P Firmware

    OS
    Ruijie
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-24116CRITICAL9.8PL ✓ten sam produkt

Nieautoryzowane uzyskanie uprawnień w Ruijie RG-NBS2009G-P via config_menu.htm

CVE-2024-24117CRITICAL9.8PL ✓ten sam produkt

Nieprawidłowe uprawnienia w Ruijie RG-NBS2009G-P umożliwiają privilege escalation

CVE-2024-2642HIGH7.3ten sam produkt

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected b...

CVE-2023-38902HIGH8.8ten sam produkt

A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG...

CVE-2025-56752CRITICAL9.4PL ✓ten sam vendor

Pominięcie uwierzytelnienia w przełącznikach Ruijie RG-ES Series