RuijieCVEs & Vulnerabilities

52 CVEs affecting Ruijie products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

rg-uac 6000-e10 40rg-uac 6000-e50 21rg-uac 6000-e50 firmware 21rg-uac 6000-e20 20rg-uac 6000-e10 firmware 20rg-uac 6000-cc 20rg-uac 6000-cc firmware 20rg-uac 6000-e10c 20
CVE-2023-34644CRITICAL

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.

31 Jul 2023
9.8
CVSS
CVE-2023-3450HIGH

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232547. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

28 Jun 2023
7.2
CVSS
CVE-2020-21639MEDIUM

Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting (XSS) vulnerability via the rule_name parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

16 Nov 2021
6.1
CVSS
CVE-2020-21627HIGH

Ruijie RG-UAC commit 9071227 was discovered to contain a vulnerability in the component /current_action.php?action=reboot, which allows attackers to cause a denial of service (DoS) via unspecified vectors.

16 Nov 2021
7.5
CVSS
← PrevPage 2 / 2Next →