Ruijie RG-BCR860 Network Diagnostic Page os command injection
CVE-2023-3450

4.7MEDIUM

Key Information:

Vendor: Ruijie
Status: Rg-bcr860
Vendor: CVE Published:; 28 June 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 61%

What is CVE-2023-3450?

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232547. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RG-BCR860 2.5.13

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-3450
Created by yuanjinyuyuyu

CVE-2023-3450
Created by caopengyan

References

https://vuldb.com/?id.232547

vdb-entry

https://vuldb.com/?ctiid.232547

signaturepermissions-required

https://github.com/RCEraser/cve/blob/main/RG-BCR860.md

exploit

EPSS Score

61% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Sep 10, 2023
👾
Exploit known to exist
Sep 10, 2023
Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 28, 2023

Credit

RCEraser (VulDB User)

JSON

Ruijie