Ruijienetworks Reyee_os

12 CVEs affecting Ruijienetworks Reyee_os. Latest disclosed: 2025-12-15. Critical: 3, High: 6.

Top CVEs affecting Ruijienetworks Reyee_os
CVESeverityScorePublishedSummary
CVE-2024-52324Critical9.82024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT m…
CVE-2024-48874Critical9.82024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the at…
CVE-2024-47547Critical9.42024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication…
CVE-2025-56077High8.82025-12-11OS Command Injection vulnerability in Ruijie RG-RAP2200(E) 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the module_s…
CVE-2023-53881High8.12025-12-15ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a ma…
CVE-2024-46874High8.12024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. A…
CVE-2024-47791High7.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and rec…
CVE-2024-45722High7.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentia…
CVE-2024-47043High7.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and p…
CVE-2024-47146Medium6.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffin…
CVE-2024-51727Medium6.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and c…
CVE-2024-42494Medium6.52024-12-06Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensit…