CVE-2023-4415

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 18, 2023

Updated: May 17, 2024

CWE ID 287

Summary

CVE-2023-4415 is a critical vulnerability affecting Ruijie RG-EW1200G 07161417 r483. The issue lies within an unknown functionality of the /api/sys/login file, which results in improper authentication. This vulnerability allows for remote exploitation, making it a significant security risk. The exploit has been publicly disclosed, increasing the likelihood of attacks. Vendor VDB-237518 identifies this issue. Despite early notification, the vendor has not responded to disclosure efforts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ruijie Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sLm0b2
https://www.cve.org/CVERecord?id=CVE-2023-4415
https://nvd.nist.gov/vuln/detail/CVE-2023-4415

Back to Vulnerability Database

CVE-2023-4415

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations