CVE-2024-4501

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published May 5, 2024

Updated: Jun 4, 2024

CWE ID 78

Summary

CVE-2024-4501 is a critical vulnerability affecting Ruijie RG-UAC up to version 20240428. This issue is related to an unspecified processing flaw in the file /view/bugSolve/captureData/commit.php. The manipulation of the tcpDump argument results in os command injection, making the attack remotely exploitable. The exploit for this vulnerability has been disclosed publicly, increasing the risk for potential attacks. The identifier VDB-263105 has been assigned to this issue. Notably, the vendor was contacted regarding this disclosure but failed to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vxd22V
https://www.cve.org/CVERecord?id=CVE-2024-4501
https://nvd.nist.gov/vuln/detail/CVE-2024-4501

Back to Vulnerability Database

CVE-2024-4501

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations