漏洞描述
锐捷Ruijie-UAC 是一款广泛应用于企业网络安全管理的统一认证控制系统。该平台的 /view/vpn/autovpn/online_check.php 接口存在命令执行漏洞,攻击者可以通过特定的请求在目标服务器上执行任意命令,可能导致服务器被完全控制。
锐捷Ruijie-UAC /view/vpn/autovpn/online_check.php 命令执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2023-4169: Ruijie RG-EW1200G Router - Password Reset
- POC CVE-2023-4415: Ruijie RG-EW1200G Router Background - Login Bypass
- POC CVE-2024-24116: Ruijie RG-NBS2009G-P - Improper Authentication
- POC CNVD-2021-14536: Ruijie RG-UAC Information Disclosure
- POC CNVD-2021-27648: Ruijie RG-UAC Information Leakage Vulnerability
- POC ruijie-eg-password-leak: Ruijie EG Information Disaclosure
- POC ruijie-smartweb-password-disclosure: Ruijie smartweb password information disclosure
- POC CNVD-2020-56167: Ruijie Smartweb - Default Password
- POC CNVD-2021-09650: Ruijie Networks-EWEB Network Management System - Remote Code Execution
- POC CNVD-2021-14536: Ruijie RG-UAC Unified Internet Behavior Management Audit System - Information Disclosure
- POC CNVD-2021-17369: Ruijie Smartweb Management System Password Information Disclosure
- POC ruijie-nbr-default-login: Ruijie NBR Series Routers - Default Login
- POC ruijie-nbr1300g-exposure: Ruijie NBR1300G Cli Password Leak - Detect