CVE-2024-5339 | Ruijie RG-UAC up to 20240516 online_check.php peernode os command injection

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/vpn/autovpn/online_check.php. The manipulation of the argument peernode leads to os command injection.

This vulnerability is known as CVE-2024-5339. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-5339 | Ruijie RG-UAC up to 20240516 online_check.php peernode os command injection

Post correlati

CVE-2023-47681 | QuadLayers WooCommerce Checkout Manager Plugin up to 7.3.0 on WordPress authorization

CVE-2024-21724 | Joomla CMS up to 3.10.14/4.4.2/5.0.2 Media Selection cross site scripting

CVE-2024-4150 | Simple Basic Contact Form Plugin up to 20221201 on WordPress cross site scripting

CVE-2024-36255 | Mattermost up to 8.1.12/9.5.3/9.6.1 Slash Command cross-site request forgery