CVE-2024-4816 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2024-4816

Analyzed

More Info Official Page

Source-cna@vuldb.com

Published At-14 May, 2024 | 15:45

Updated At-21 Aug, 2025 | 18:20

A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506. This affects an unknown part of the file /view/networkConfig/GRE/gre_add_commit.php. The manipulation of the argument name/remote/local/IP leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263937 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	5.3	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	6.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

Ruijie Networks Co., Ltd.

>>rg-uac_6000-cc_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-cc_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-cc>>-

cpe:2.3:h:ruijie:rg-uac_6000-cc:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10>>-

cpe:2.3:h:ruijie:rg-uac_6000-e10:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10>>3.0

cpe:2.3:h:ruijie:rg-uac_6000-e10:3.0:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10c_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e10c_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e10c>>-

cpe:2.3:h:ruijie:rg-uac_6000-e10c:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e20_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20>>-

cpe:2.3:h:ruijie:rg-uac_6000-e20:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20c_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e20c_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20c>>-

cpe:2.3:h:ruijie:rg-uac_6000-e20c:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20m_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e20m_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e20m>>-

cpe:2.3:h:ruijie:rg-uac_6000-e20m:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e50_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50>>-

cpe:2.3:h:ruijie:rg-uac_6000-e50:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50c_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e50c_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50c>>-

cpe:2.3:h:ruijie:rg-uac_6000-e50c:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50m_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-e50m_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-e50m>>-

cpe:2.3:h:ruijie:rg-uac_6000-e50m:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-ea_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-ea_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-ea>>-

cpe:2.3:h:ruijie:rg-uac_6000-ea:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-ei_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-ei_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-ei>>-

cpe:2.3:h:ruijie:rg-uac_6000-ei:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg02_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-isg02_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg02>>-

cpe:2.3:h:ruijie:rg-uac_6000-isg02:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg10_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-isg10_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg10>>-

cpe:2.3:h:ruijie:rg-uac_6000-isg10:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg200_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-isg200_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg200>>-

cpe:2.3:h:ruijie:rg-uac_6000-isg200:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg40_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-isg40_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-isg40>>-

cpe:2.3:h:ruijie:rg-uac_6000-isg40:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-si_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-si_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-si>>-

cpe:2.3:h:ruijie:rg-uac_6000-si:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-u3100_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-u3100_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-u3100>>-

cpe:2.3:h:ruijie:rg-uac_6000-u3100:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-u3210_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-u3210_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-u3210>>-

cpe:2.3:h:ruijie:rg-uac_6000-u3210:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x100_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x100_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x100>>-

cpe:2.3:h:ruijie:rg-uac_6000-x100:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x100s_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x100s_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x100s>>-

cpe:2.3:h:ruijie:rg-uac_6000-x100s:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x20_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20>>-

cpe:2.3:h:ruijie:rg-uac_6000-x20:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x200_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x200_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x200>>-

cpe:2.3:h:ruijie:rg-uac_6000-x200:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20m_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x20m_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20m>>-

cpe:2.3:h:ruijie:rg-uac_6000-x20m:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20me_firmware>>-

cpe:2.3:o:ruijie:rg-uac_6000-x20me_firmware:-:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>rg-uac_6000-x20me>>-

cpe:2.3:h:ruijie:rg-uac_6000-x20me:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-78	Secondary	cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf	cna@vuldb.com	Broken Link
https://vuldb.com/?ctiid.263937	cna@vuldb.com	Permissions Required VDB Entry
https://vuldb.com/?id.263937	cna@vuldb.com	Third Party Advisory VDB Entry
https://vuldb.com/?submit.329953	cna@vuldb.com	Third Party Advisory VDB Entry
https://github.com/h0e4a0r1t/I_L-HxK-pF-uZ1-/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_add_commit.php.pdf	af854a3a-2127-422b-91ae-364da2661108	Broken Link
https://vuldb.com/?ctiid.263937	af854a3a-2127-422b-91ae-364da2661108	Permissions Required VDB Entry
https://vuldb.com/?id.263937	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://vuldb.com/?submit.329953	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry