Sign-up

ID

VAR-202101-1975


TITLE

Ruijie Networks Co., Ltd. EasyGate easy gateway has a command execution vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-00008

DESCRIPTION

EasyGate (hereinafter referred to as RG-EG) is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network export problems. Ruijie Networks Co., Ltd. EasyGate easy gateway has a command execution vulnerability. Attackers can use this vulnerability to obtain the root shell of the device without requiring device authorization (that is, without logging in), and execute arbitrary commands remotely.

Trust: 0.6

sources: CNVD: CNVD-2021-00008

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-00008

AFFECTED PRODUCTS

vendor:ruijiemodel:easygate eg2100-pscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-00008

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-00008
value: HIGH

Trust: 0.6

CNVD: CNVD-2021-00008
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-00008

PATCH

title:Patch for Ruijie Networks Co., Ltd. EasyGate easy gateway has a command execution vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/304746

Trust: 0.6

sources: CNVD: CNVD-2021-00008

EXTERNAL IDS

db:CNVDid:CNVD-2021-00008

Trust: 0.6

sources: CNVD: CNVD-2021-00008

SOURCES

db:CNVDid:CNVD-2021-00008

LAST UPDATE DATE

2022-05-04T10:25:28.816000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-00008date:2021-12-14T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-00008date:2021-01-24T00:00:00