CVE-2023-26800
Published Mar 26, 2023
Last updated 2 years ago
Overview
- Description
- Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- nvd@nist.gov
- CWE-77
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijienetworks:rg-ew1200r:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "832C68AE-662E-4597-B0DF-9467078B6F01"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijienetworks:rg-ew1200r_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5327E827-80E2-46AA-9383-3CD874B51FEA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "693E2E30-5F81-49DD-8FA9-B88EB089B378"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijienetworks:rg-ew1200_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC61FDAC-B299-42FA-BA81-CE95622BC0CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "727F7545-61FB-43F4-9A52-A613CE26B0ED"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruijienetworks:rg-ew1200g_pro_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "666DA117-2888-42E6-82A4-FE78087C41BD"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]