CVE-2024-5339

Name of the Vulnerable Software and Affected Versions Ruijie RG-UAC versions up to 20240516

Description A critical issue affects an unknown functionality of the file /view/vpn/autovpn/online check.php, allowing for os command injection through the manipulation of the peernode argument. This can be exploited remotely. The issue has been publicly disclosed and may be used by attackers.

Recommendations For Ruijie RG-UAC versions up to 20240516, consider disabling the /view/vpn/autovpn/online check.php file or restricting access to it until a patch is available. Additionally, avoid using the peernode argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.