Sign-up

ID

VAR-202104-1999


TITLE

An arbitrary command execution vulnerability exists in the wireless SmartWeb management system of Ruijie Networks Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2021-17291

DESCRIPTION

Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, and storage. An arbitrary command execution vulnerability exists in the wireless SmartWeb management system of Ruijie Networks. An attacker can use this vulnerability to execute arbitrary commands and obtain user passwords.

Trust: 0.6

sources: CNVD: CNVD-2021-17291

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-17291

AFFECTED PRODUCTS

vendor:ruijiemodel:wireless smartweb management systemscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-17291

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-17291
value: HIGH

Trust: 0.6

CNVD: CNVD-2021-17291
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:H/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-17291

PATCH

title:Patch for An arbitrary command execution vulnerability exists in the wireless SmartWeb management system of Ruijie Networks Co., Ltd.url:https://www.cnvd.org.cn/patchinfo/show/312391

Trust: 0.6

sources: CNVD: CNVD-2021-17291

EXTERNAL IDS

db:CNVDid:CNVD-2021-17291

Trust: 0.6

sources: CNVD: CNVD-2021-17291

SOURCES

db:CNVDid:CNVD-2021-17291

LAST UPDATE DATE

2022-05-04T09:46:01.320000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-17291date:2022-01-05T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-17291date:2021-04-05T00:00:00