CVE-2023-27796
Summary
| CVE | CVE-2023-27796 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-26 21:15:00 UTC |
| Updated | 2023-04-03 16:52:00 UTC |
| Description | RG-EW1200G PRO Wireless Routers EW_3.0(1)B11P204, RG-EW1800GX PRO Wireless Routers EW_3.0(1)B11P204, and RG-EW3200GX PRO Wireless Routers EW_3.0(1)B11P204 were discovered to contain multiple command injection vulnerabilities via the data.ip, data.protocal, data.iface and data.package parameters in the runPackDiagnose function of diagnose.lua. |
Risk And Classification
Problem Types: CWE-77
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Ruijienetworks | Rg-ew1200g Pro | - | All | All | All |
| Operating System | Ruijienetworks | Rg-ew1200g Pro Firmware | ew_3.0\(1\)b11p204 | All | All | All |
| Hardware | Ruijienetworks | Rg-ew1800gx Pro | - | All | All | All |
| Operating System | Ruijienetworks | Rg-ew1800gx Pro Firmware | ew_3.0\(1\)b11p204 | All | All | All |
| Hardware | Ruijienetworks | Rg-ew3200gx Pro | - | All | All | All |
| Operating System | Ruijienetworks | Rg-ew3200gx Pro Firmware | ew_3.0\(1\)b11p204 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| my-vuls/RG-EW PRO Series at main · winmt/my-vuls · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.