Ruijie Reyee Os
10 CVEs affecting Ruijie Reyee Os. Latest disclosed: 2024-12-06. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52324 | Critical | 9.8 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT m… |
CVE-2024-48874 | Critical | 9.8 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the at… |
CVE-2024-47547 | Critical | 9.4 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication… |
CVE-2024-46874 | High | 8.1 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. A… |
CVE-2024-47791 | High | 7.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and rec… |
CVE-2024-45722 | High | 7.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentia… |
CVE-2024-47043 | High | 7.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and p… |
CVE-2024-47146 | Medium | 6.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffin… |
CVE-2024-51727 | Medium | 6.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and c… |
CVE-2024-42494 | Medium | 6.5 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensit… |