View CSAF
1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Ruijie
- Equipment: Reyee OS
- Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to an Unauthorized Actor, Premature Release of Resource During Expected Lifetime, Insecure Storage of Sensitive Information, Use of Weak Credentials, Improper Neutralization of Wildcards or Matching Symbols, Improper Handling of Insufficient Permissions or Privileges, Server-Side Request Forgery (SSRF), Use of Inherently Dangerous Function, Resource Leak
2. RISK EVALUATION
Successful exploitation of this vulnerabilities could allow attackers to take near full control o
[…]
This article has been indexed from All CISA Advisories