CVE-2023-27796

Published Mar 26, 2023

Last updated 2 years ago

Overview

Description: RG-EW1200G PRO Wireless Routers EW_3.0(1)B11P204, RG-EW1800GX PRO Wireless Routers EW_3.0(1)B11P204, and RG-EW3200GX PRO Wireless Routers EW_3.0(1)B11P204 were discovered to contain multiple command injection vulnerabilities via the data.ip, data.protocal, data.iface and data.package parameters in the runPackDiagnose function of diagnose.lua.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-77

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruijienetworks:rg-ew1800gx_pro_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1078AED-F5A5-47AC-8C85-B05DFD310784"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "325AEC70-B53C-425B-8B2A-520B8AC790EF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruijienetworks:rg-ew3200gx_pro_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5578737-13E6-410A-B9C2-C177D74FB1D1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "740F0BB8-76B4-4A91-B67B-CE9314BE48E6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruijienetworks:rg-ew1200g_pro_firmware:ew_3.0\\(1\\)b11p204:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "666DA117-2888-42E6-82A4-FE78087C41BD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "727F7545-61FB-43F4-9A52-A613CE26B0ED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References