PT-2024-21375 · Ruijie · Ruijie Rg-Nbs2009G-P Rgos
H0E4A0R1T
·
Published
2024-03-19
·
Updated
2025-08-21
·
CVE-2024-2641
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Ruijie RG-NBS2009G-P up to 20240305
Description
A critical issue has been found in the Password Handler component of the Ruijie RG-NBS2009G-P, specifically in the /system/passwdManage.htm file. This issue leads to improper authorization and can be exploited remotely. The vendor was contacted about this disclosure but did not respond.
Recommendations
For Ruijie RG-NBS2009G-P up to 20240305, as a temporary workaround, consider restricting access to the /system/passwdManage.htm file until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ruijie Rg-Nbs2009G-P Rgos