CRITICAL🇵🇱 Wersja polska

CVE-2019-16639

CVSS 9.8v3.1pub. 2024-07-16upd. 2025-07-09

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET commands and/or show admin passwords via the mode_url=exec&command= substring. This affects EG-2000SE EG_RGOS 11.9 B11P1.

🤖 AI Analysis
How it works

The newcli.php API interface does not require authentication, allowing any user with access to the web panel to send requests with the parameter mode_url=exec&command=. Through this parameter, it is possible to execute TELNET commands and display administrator passwords. This is a classic case of command injection (CWE-78), where user input is passed directly to the command interpreter without proper validation and filtering.

Impact

An attacker can remotely execute commands on the device without any authentication and obtain administrator passwords, resulting in complete device takeover, loss of data confidentiality and integrity, and potential use of the device as an entry point to the internal network.

Mitigation & patch

Apply patches available from the manufacturer according to the references. As a temporary measure, it is recommended to restrict access to the device's web interface only to trusted IP addresses and implement network segmentation that prevents unauthorized users from reaching the management panel.

Who is affected

Ruijie EG-2000SE with firmware EG_RGOS 11.9 B11P1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ruijie Eg 2000se

    HW
    Ruijie
    wszystkie wersje
  • Ruijie Eg 2000se Firmware

    OS
    Ruijie
    11.9_b11p1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2019-16638HIGH7.5ten sam produkt

An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored password...

CVE-2019-16640HIGH7.5ten sam produkt

An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadF...

CVE-2019-16641HIGH8.4ten sam produkt

An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently...

CVE-2025-56752CRITICAL9.4PL ✓ten sam vendor

Pominięcie uwierzytelnienia w przełącznikach Ruijie RG-ES Series

CVE-2024-42936CRITICAL9.8PL ✓ten sam vendor

RCE w usłudze mqlink.elf urządzenia Ruijie RG-EW300N via MQTT