Vulnerabilities > Ruijie > RG Nbs2009G P Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-10-02 CVE-2024-24117 Incorrect Permission Assignment for Critical Resource vulnerability in Ruijie Rg-Nbs2009G-P Firmware 10.4(1)P2Release(9736)
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
network
low complexity
ruijie CWE-732
critical
 9.8
9.8
2024-10-02 CVE-2024-24116 Unspecified vulnerability in Ruijie Rg-Nbs2009G-P Firmware 10.4(1)P2Release(9736)
An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
network
low complexity
ruijie
critical
 9.8
9.8
2023-08-17 CVE-2023-38902 Command Injection vulnerability in Ruijie products
A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.
network
low complexity
ruijie CWE-77
8.8
8.8