CVE-2023-3306

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1200G version EW 3.0(1)B11P204

Description A critical issue has been found, affecting the Admin Password Handler component, specifically the file app.09df2a9e44ab48766f5f.js. This leads to improper access controls, and the attack can be initiated remotely. The exploit has been disclosed publicly, and the vendor was contacted but did not respond.

Recommendations For Ruijie RG-EW1200G version EW 3.0(1)B11P204, as a temporary workaround, consider restricting access to the Admin Password Handler component until a patch is available. Additionally, restrict remote access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.