RCE in Ruijie Networks Co., Ltd. Rg-uac

CVE-2023-7304

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, c…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.037 (88.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References