cve/2024/CVE-2024-2641.md

### [CVE-2024-2641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2641)
![](https://img.shields.io/static/v1?label=Product&message=RG-NBS2009G-P&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=20240305%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brightgreen)

### Description

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Es wurde eine kritische Schwachstelle in Ruijie RG-NBS2009G-P bis 20240305 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /system/passwdManage.htm der Komponente Password Handler. Dank Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/NaInSec/CVE-LIST
- https://github.com/h0e4a0r1t/h0e4a0r1t
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-2641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2641)`
			`![](https://img.shields.io/static/v1?label=Product&message=RG-NBS2009G-P&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=20240305%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brightgreen)`

			`### Description`

			A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
			`Es wurde eine kritische Schwachstelle in Ruijie RG-NBS2009G-P bis 20240305 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /system/passwdManage.htm der Komponente Password Handler. Dank Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/NaInSec/CVE-LIST`
			`- https://github.com/h0e4a0r1t/h0e4a0r1t`