HIGH🇵🇱 Wersja polska

CVE-2024-2642

CVSS 7.3v3.1pub. 2024-03-19upd. 2025-08-21

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCU_SHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257281 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Ruijie Rg Nbs2009g P

    HW
    Ruijie
    wszystkie wersje
  • Ruijie Rg Nbs2009g P Firmware

    OS
    Ruijie
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-24116CRITICAL9.8PL ✓ten sam produkt

Nieautoryzowane uzyskanie uprawnień w Ruijie RG-NBS2009G-P via config_menu.htm

CVE-2024-24117CRITICAL9.8PL ✓ten sam produkt

Nieprawidłowe uprawnienia w Ruijie RG-NBS2009G-P umożliwiają privilege escalation

CVE-2023-38902HIGH8.8ten sam produkt

A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG...

CVE-2024-2641MEDIUM5.3ten sam produkt

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected...

CVE-2025-56752CRITICAL9.4PL ✓ten sam vendor

Pominięcie uwierzytelnienia w przełącznikach Ruijie RG-ES Series