SSRF in Ruijie Reyee Os
CVE-2024-48874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Rui…
Vulnerability class: SSRF (Server-Side Request Forgery)
EPSS: 0.001 (31.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Ruijie Reyee Os — versions 2.206.x
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-48874?
- CVE-2024-48874 is a critical-severity vulnerability in Ruijie Reyee Os, classified under Server-Side Request Forgery (SSRF). CVSS score: 9.8/10. Published 2024-12-06.
- How severe is CVE-2024-48874?
- Critical severity. CVSS v3 base score is 9.8 out of 10.