CVE-2024-48874
Ruijie Reyee OS Server-Side Request Forgery
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Ruijie · Reyee OS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →