CVE-2023-4169 PoC — Ruijie Networks RG-EW1200G 访问控制错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-4169.yaml

Associated Vulnerability

Title:Ruijie Networks RG-EW1200G 访问控制错误漏洞 (CVE-2023-4169)
Description:Ruijie Networks RG-EW1200G是中国锐捷网络（Ruijie Networks）公司的一款无线路由器。 Ruijie Networks RG-EW1200G 1.0(1)B1P5版本存在访问控制错误漏洞，该漏洞源于文件/api/sys/set_passwd存在访问控制错误漏洞。

Description

A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/set_passwd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can be launched remotely.

File Snapshot


 id: CVE-2023-4169

info:
  name: Ruijie RG-EW1200G Router - Password Reset
  author: DhiyaneshDK
  s

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!