CVE-2024-4509

CVSS 2.0 Score 5.8 of 10 (medium)

Details

Published May 6, 2024
Updated: Jun 4, 2024
CWE ID 78

Summary

CVE-2024-4509 is a critical vulnerability affecting Ruijie RG-UAC versions up to 20240428. This issue lies in an unknown functionality of the file /view/IPV6/naborTable/add_commit.php, which allows attackers to inject os commands through the manipulation of the ip_addr/mac_addr argument. The exploit can be launched remotely, and the vendor has not responded to disclosure efforts. This vulnerability, identified as VDB-263113, has been disclosed to the public and poses a significant risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share