| CVE-2024-4505 | Date: (C)2024-05-06 (M)2024-05-20 |
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263109 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V3 Severity: | CVSS V2 Severity: |
| CVSS Score : 4.7 | CVSS Score : |
| Exploit Score: | Exploit Score: |
| Impact Score: | Impact Score: |
| |
| CVSS V3 Metrics: | CVSS V2 Metrics: |
| Attack Vector: | Access Vector: |
| Attack Complexity: | Access Complexity: |
| Privileges Required: | Authentication: |
| User Interaction: | Confidentiality: |
| Scope: | Integrity: |
| Confidentiality: | Availability: |
| Integrity: | |
| Availability: | |
| | |
