CVE-2024-46874
Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Ruijie · Reyee OS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →