A vulnerability, which was classified as critical, was...
Moderate severity
Unreviewed
Published
May 6, 2024
to the GitHub Advisory Database
•
Updated May 6, 2024
Description
Published by the National Vulnerability Database
May 5, 2024
Published to the GitHub Advisory Database
May 6, 2024
Last updated
May 6, 2024
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263109 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References