### [CVE-2023-4415](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4415)
![](https://img.shields.io/static/v1?label=Product&message=RG-EW1200G&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2007161417%20r483%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen)

### Description

A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/20142995/sectool
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415
- https://github.com/thedarknessdied/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415