Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges
Vulnerability Description
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不充分权限或特权的处理不恰当
Vulnerability Title
Ruijie Networks ReyeeOS 安全漏洞
Vulnerability Description
Ruijie Networks ReyeeOS是中国锐捷网络(Ruijie Networks)公司的一款路由器。 Ruijie Networks ReyeeOS 2.206.x版本至2.320.x之前版本存在安全漏洞。攻击者利用该漏洞可以使用设备凭证连接的 MQTT 客户端向某些主题发送消息。
CVSS Information
N/A
Vulnerability Type
N/A