8.8
HIGH
CVE-2023-38902
Netgear Command Injection Vulnerability
Description

A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.

INFO

Published Date :

Aug. 17, 2023, 1:15 p.m.

Last Modified :

Aug. 23, 2023, 4:55 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

2.8
Affected Products

The following products are affected by CVE-2023-38902 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Ruijie rg-ew1200r_firmware
2 Ruijie rg-ew300r_firmware
3 Ruijie rg-ew1200_firmware
4 Ruijie rg-eg105g-e_firmware
5 Ruijie rg-eg210g-p_firmware
6 Ruijie rg-nbs3200-24gt4xs-p_firmware
7 Ruijie rg-nbs3200-48gt4xs_firmware
8 Ruijie rg-nbs3200-48gt4xs-p_firmware
9 Ruijie rg-nbs3100-24gt4sfp_firmware
10 Ruijie rg-nbs3100-24gt4sfp-p_firmware
11 Ruijie rg-nbs3100-8gt2sfp_firmware
12 Ruijie rg-nbs3100-8gt2sfp-p_firmware
13 Ruijie rg-rap2200\(e\)_firmware
14 Ruijie rg-rap2260\(e\)_firmware
15 Ruijie rg-rap1200\(f\)_firmware
16 Ruijie rg-rap2200\(f\)_firmware
17 Ruijie rg-rap6260\(g\)_firmware
18 Ruijie rg-rap2260\(g\)_firmware
19 Ruijie rg-nbc256_firmware
20 Ruijie rg-nbc512_firmware
21 Ruijie rg-s1930-24gt4sfp_firmware
22 Ruijie rg-s1930-24t4sfp-p_firmware
23 Ruijie rg-s1930-8gt2sfp_firmware
24 Ruijie rg-s1930-8gt2sfp-p_firmware
25 Ruijie rg-s1930-8t2sfp-p_firmware
26 Ruijie rg-s1930-24t4sfp_firmware
27 Ruijie rg-ew1200g_pro_firmware
28 Ruijie rg-ew1300g_firmware
29 Ruijie rg-ew1800gx_pro_firmware
30 Ruijie rg-ew3000gx_pro_firmware
31 Ruijie rg-ew300_pro_firmware
32 Ruijie rg-ew3200gx_pro_firmware
33 Ruijie rg-nb3200-24gt4xs_firmware
34 Ruijie rg-nbs1850gc_firmware
35 Ruijie rg-nbs1850gc_v2_firmware
36 Ruijie rg-nbs2000_firmware
37 Ruijie rg-nbs2009g-p_firmware
38 Ruijie rg-nbs200_firmware
39 Ruijie rg-nbs2026g-p_firmware
40 Ruijie rg-nbs2026g_firmware
41 Ruijie rg-nbs226f_firmware
42 Ruijie rg-nbs228f_firmware
43 Ruijie rg-nbs252f_firmware
44 Ruijie rg-nbs3100-24gt4sfp-p_v2_firmware
45 Ruijie rg-nbs3100-48gt4sfp_firmware
46 Ruijie rg-nbs3200-24sfp\/8gt4xs_firmware
47 Ruijie rg-nbs5100-24gt4sfp_firmware
48 Ruijie rg-nbs5100-48gt4sfp_firmware
49 Ruijie rg-nbs5200-24gt4x_firmware
50 Ruijie rg-nbs5200-24sfp\/8gt4xs_firmware
51 Ruijie rg-nbs5200-48gt4xs_firmware
52 Ruijie rg-nbs5300-48mg6xs_firmware
53 Ruijie rg-nbs5528xg_firmware
54 Ruijie rg-nbs5552xg_firmware
55 Ruijie rg-nbs5552xg_v2.0_firmware
56 Ruijie rg-nbs5628xg_firmware
57 Ruijie rg-nbs5652xg_firmware
58 Ruijie rg-nbs5710-24gt4sfp-e-p_firmware
59 Ruijie rg-nbs5710-24gt4sfp-e_firmware
60 Ruijie rg-nbs5710-48gt4sfp-e_firmware
61 Ruijie rg-nbs5750-28gt4xs-e_firmware
62 Ruijie rg-nbs5750v2-24gt4xs-e_firmware
63 Ruijie rg-nbs5750v2-24sfp4xs-e_firmware
64 Ruijie rg-nbs5750v2-48gt4xs-e_firmware
65 Ruijie rg-nbs5816xs_firmware
66 Ruijie rg-nbs6002_firmware
67 Ruijie rg-nbs6100-20xs4vs2qxs-s_firmware
68 Ruijie rg-nbs7003_firmware
69 Ruijie rg-nbs7006_firmware
70 Ruijie rg-eg210g-pe_firmware
71 Ruijie rg-eg210g-e_firmware
72 Ruijie rg-eg105g-pe_firmware
73 Ruijie rg-eg105g_v2_firmware
74 Ruijie rg-rap1260\(g\)_firmware
75 Ruijie rg-rap1200\(e\)_firmware
76 Ruijie rg-rap120v2_firmware
77 Ruijie rg-rap100_firmware
78 Ruijie rg-rap120_firmware
79 Ruijie rg-rap2200\(g\)_firmware
80 Ruijie rg-eap101_v2_firmware
81 Ruijie rg-eap102_v2_firmware
82 Ruijie rg-eap162\(g\)_firmware
83 Ruijie rg-eap102\(f\)_firmware
84 Ruijie rg-eap102_firmware
85 Ruijie rg-eap101_firmware
86 Ruijie rg-rap630ioda_firmware
87 Ruijie rg-rap630cd_firmware
88 Ruijie rg-rap6261\(e\)_firmware
89 Ruijie rg-rap6261\(cd\)_firmware
90 Ruijie rg-eap262\(g\)_firmware
91 Ruijie rg-eap212\(g\)_firmware
92 Ruijie rg-eap212\(f\)_firmware
93 Ruijie rg-eap202_firmware
94 Ruijie rg-eap201_firmware
95 Ruijie rg-eap602_firmware
96 Ruijie rg-eap662\(g\)_firmware
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-38902.

URL Resource
https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 Exploit Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-38902 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-38902 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Aug. 23, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 No Types Assigned https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 Exploit, Third Party Advisory
    Added CWE NIST CWE-77
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew1200_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew1200g_pro_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew1200g_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew1200r_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew1200r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew1300g_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew1300g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew1800gx_pro_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew1800gx_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew3000gx_pro_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew3000gx_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew300_pro_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew300_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew300r_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew300r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-ew3200gx_pro_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-ew3200gx_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nb3200-24gt4xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nb3200-24gt4xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs1850gc_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs1850gc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs1850gc_v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs1850gc_v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs2000_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs2000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs2009g-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs2009g-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs200_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs2026g-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs2026g-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs2026g_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs2026g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs226f_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs226f:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs228f_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs228f:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs252f_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs252f:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-24gt4sfp-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-24gt4sfp-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-24gt4sfp-p_v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-24gt4sfp-p_v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-24gt4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-24gt4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-48gt4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-48gt4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-8gt2sfp-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-8gt2sfp-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3100-8gt2sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3100-8gt2sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3200-24gt4xs-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3200-24gt4xs-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3200-24sfp\/8gt4xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3200-24sfp\/8gt4xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3200-48gt4xs-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3200-48gt4xs-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs3200-48gt4xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs3200-48gt4xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5100-24gt4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5100-24gt4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5100-48gt4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5100-48gt4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5200-24gt4x_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5200-24gt4x:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5200-24sfp\/8gt4xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5200-24sfp\/8gt4xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5200-48gt4xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5200-48gt4xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5300-48mg6xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5300-48mg6xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5528xg_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5528xg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5552xg_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5552xg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5552xg_v2.0_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5552xg_v2.0:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5628xg_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5628xg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5652xg_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5652xg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5710-24gt4sfp-e-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5710-24gt4sfp-e-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5710-24gt4sfp-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5710-24gt4sfp-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5710-48gt4sfp-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5710-48gt4sfp-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5750-28gt4xs-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5750-28gt4xs-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5750v2-24gt4xs-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5750v2-24gt4xs-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5750v2-24sfp4xs-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5750v2-24sfp4xs-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5750v2-48gt4xs-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5750v2-48gt4xs-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs5816xs_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs5816xs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs6002_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs6002:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs6100-20xs4vs2qxs-s_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs6100-20xs4vs2qxs-s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs7003_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs7003:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbs7006_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbs7006:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-24gt4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-24gt4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-24t4sfp-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-24t4sfp-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-24t4sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-24t4sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-8gt2sfp-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-8gt2sfp-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-8gt2sfp_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-8gt2sfp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-s1930-8t2sfp-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-s1930-8t2sfp-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg210g-pe_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg210g-pe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg210g-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg210g-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg105g-pe_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg105g-pe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg105g-e_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg105g-e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg105g_v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg105g_v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eg210g-p_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eg210g-p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap1260\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap1260\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap1200\(e\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap1200\(e\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap1200\(f\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap1200\(f\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap120v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap120v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap100_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap120_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap6260\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap6260\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap2260\(e\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap2260\(e\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap2260\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap2260\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap2200\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap2200\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap2200\(e\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap2200\(e\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap2200\(f\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap2200\(f\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap101_v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap101_v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap102_v2_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap102_v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap162\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap162\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap102\(f\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap102\(f\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap102_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap102:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap101_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap101:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap630ioda_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap630ioda:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap630cd_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap630cd:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap6261\(e\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap6261\(e\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-rap6261\(cd\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-rap6261\(cd\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap262\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap262\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap212\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap212\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap212\(f\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap212\(f\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap202_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap202:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap201_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap201:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap602_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap602:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-eap662\(g\)_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-eap662\(g\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbc256_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbc256:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:ruijie:rg-nbc512_firmware:3.0\(1\)b11p219:*:*:*:*:*:*:* OR cpe:2.3:h:ruijie:rg-nbc512:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Aug. 18, 2023

    Action Type Old Value New Value
    Removed Reference http://rg-ew.com [No Types Assigned]
    Removed Reference http://ruijie.com [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 18, 2023

    Action Type Old Value New Value
    Changed Description An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P218, RG-EG series business VPN routers v.EG_3.0(1)B11P216, EAP and RAP series wireless access points v.AP_3.0(1)B11P218, and NBC series wireless controllers v.AC_3.0(1)B11P86 allows a remote attacker to execute arbitrary code via the unifyframe-sgi.elf component in sub_40DA38. A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-38902 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.10 }} 0.03%

score

0.41876

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability