CVE-2024-46874
Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Ruijie · Reyee OSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →