CVE-2024-5338 | Ruijie RG-UAC up to 20240516 online.php peernode os command injection

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been classified as critical. Affected is an unknown function of the file /view/vpn/autovpn/online.php. The manipulation of the argument peernode leads to os command injection.

This vulnerability is traded as CVE-2024-5338. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-5338 | Ruijie RG-UAC up to 20240516 online.php peernode os command injection

Post correlati

CVE-2023-7105 | code-projects E-Commerce Website 1.0 index_search.php search sql injection

CVE-2024-40980 | Linux Kernel up to 6.9.6 spinlock_rt.c trace_drop_common stack-based overflow

CVE-2024-4305 | Post Grid Gutenberg Blocks and Blog Plugin up to 4.0.x on WordPress Block cross site scripting

CVE-2024-20072 | MediaTek MT6890/MT6990/MT7622 WLAN Driver out-of-bounds write (WCNCR00364732)