CVE-2024-4503 | Ruijie RG-UAC up to 20240428 dhcp_relay_commit.php interface_from os command injection

Posted by Angelo Barbosa | May 5, 2024 | CVE

A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. The manipulation of the argument interface_from leads to os command injection.

This vulnerability is known as CVE-2024-4503. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4503 | Ruijie RG-UAC up to 20240428 dhcp_relay_commit.php interface_from os command injection

Related Posts

CVE-2024-0052 | Google Android healthconnect information disclosure

CVE-2024-6214 | SourceCodester Food Ordering Management System 1.0 add-item.php price sql injection

CVE-2024-32613 | HDF5 up to 1.14.3 H5HLcache.c H5HL__fl_deserialize heap-based overflow

CVE-2024-6589 | LearnPress Plugin up to 4.2.6.8.2 on WordPress file inclusion