mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
28 lines
1.0 KiB
JSON
28 lines
1.0 KiB
JSON
{
|
|
"id": "CVE-2023-38902",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-08-17T13:15:11.347",
|
|
"lastModified": "2023-08-18T14:15:28.480",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "http://rg-ew.com",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://ruijie.com",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |