CVE-2020-36870 | Ruijie RG-EG1000C prior 11.9(4)B12P1 EWEB Management System code injection

A vulnerability has been found in Ruijie RG-EG1000C, RG-EG2000F, RG-EG2000K, RG-EG2000L, RG-EG2000CE, RG-EG2000SE, RG-EG2000GE, RG-EG2000XE, RG-EG2000UE, RG-EG3000CE, RG-EG3000SE, RG-EG3000GE, RG-EG3000ME, RG-EG3000UE, RG-EG3000XE, RG-EG2100-P, EG3210, EG3220, EG3230, EG3250, NBR108G-P, NBR1000G-E, NBR1300G-E, NBR1700G-E, NBR2100G-E, NBR2500D-E, NBR3000D-E, NBR6120-E, NBR6135-E, NBR6205-E, NBR6210-E, NBR6215-E, NBR800G, NBR950G, NBR1000G-C, NBR2000G-C and NBR3000G-S and classified as critical. The affected element is an unknown function of the component EWEB Management System. This manipulation causes code injection.

The identification of this vulnerability is CVE-2020-36870. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2020-36870 | Ruijie RG-EG1000C prior 11.9(4)B12P1 EWEB Management System code injection

Post correlati

CVE-2024-37445 | bPlugins Html5 Audio Player Plugin up to 2.2.23 on WordPress cross site scripting

CVE-2024-34045 | O-RAN E2T I-Release Prometheus Metric sctpThread.cpp Increment denial of service

CVE-2024-57886 | Linux Kernel up to 6.12.8 damon_commit_targets memory leak

CVE-2024-37560 | IqbalRony WP User Switch Plugin up to 1.1.0 on WordPress privileges management