CVE-2023-7330

Name of the Vulnerable Software and Affected Versions Ruijie NBR series routers (affected versions not specified)

Description Ruijie NBR series routers contain an unauthenticated arbitrary file upload issue via the /ddi/server/fileupload.php endpoint. The endpoint accepts attacker-controlled values in the name and uploadDir parameters and saves the provided file content without sufficient validation. This allows a remote attacker to upload a crafted PHP file and then access it from the web root, potentially leading to arbitrary code execution within the web service context. The Shadowserver Foundation observed exploitation of this issue on January 14, 2025 UTC.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.