CVE-2024-5337 - Vulnerability Details

A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical. This issue affects some unknown processing of the file /view/systemConfig/sys_user/user_commit.php. The manipulation of the argument email2/user_name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266243. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00093.

Key SSVC decision points have not yet been added.

Vendors	Products
Ruijie	Rg-uac Rg-uac 6000-cc Rg-uac 6000-cc Firmware Rg-uac 6000-e10 Rg-uac 6000-e10 Firmware Rg-uac 6000-e10c Rg-uac 6000-e10c Firmware Rg-uac 6000-e20 Rg-uac 6000-e20 Firmware Rg-uac 6000-e20c Rg-uac 6000-e20c Firmware Rg-uac 6000-e20m Rg-uac 6000-e20m Firmware Rg-uac 6000-e50 Rg-uac 6000-e50 Firmware Rg-uac 6000-e50c Rg-uac 6000-e50c Firmware Rg-uac 6000-e50m Rg-uac 6000-e50m Firmware Rg-uac 6000-ea Rg-uac 6000-ea Firmware Rg-uac 6000-ei Rg-uac 6000-ei Firmware Rg-uac 6000-isg02 Rg-uac 6000-isg02 Firmware Rg-uac 6000-isg10 Rg-uac 6000-isg10 Firmware Rg-uac 6000-isg200 Rg-uac 6000-isg200 Firmware Rg-uac 6000-isg40 Rg-uac 6000-isg40 Firmware Rg-uac 6000-si Rg-uac 6000-si Firmware Rg-uac 6000-u3100 Rg-uac 6000-u3100 Firmware Rg-uac 6000-u3210 Rg-uac 6000-u3210 Firmware Rg-uac 6000-x100 Rg-uac 6000-x100 Firmware Rg-uac 6000-x100s Rg-uac 6000-x100s Firmware Rg-uac 6000-x20 Rg-uac 6000-x200 Rg-uac 6000-x200 Firmware Rg-uac 6000-x20 Firmware Rg-uac 6000-x20m Rg-uac 6000-x20m Firmware Rg-uac 6000-x20me Rg-uac 6000-x20me Firmware Rg-uac 6000-x300d Rg-uac 6000-x300d Firmware Rg-uac 6000-x60 Rg-uac 6000-x60 Firmware Rg-uac 6000-xs Rg-uac 6000-xs Firmware

Configuration 1 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-cc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-cc:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e10:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e10:3.0:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e10c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e10c:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e20:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e20c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e20c:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e20m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e20m:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e50:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e50c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e50c:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-e50m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-e50m:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-ea_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-ea:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-ei_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-ei:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-isg02_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-isg02:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-isg10_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-isg10:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-isg200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-isg200:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-isg40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-isg40:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-si_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-si:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-u3100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-u3100:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-u3210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-u3210:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x100:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x100s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x100s:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x20:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x200:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x20m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x20m:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x20me_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x20me:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x300d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x300d:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-x60_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-x60:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:ruijie:rg-uac_6000-xs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ruijie:rg-uac_6000-xs:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Ruijie	Rg-uac

References

Link	Providers
https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/z%7CYVDv%7CHKA)*%5CdK!/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-sys_user%3Auser_commit.php.pdf
https://vuldb.com/?ctiid.266243
https://vuldb.com/?id.266243
https://vuldb.com/?submit.336032

History

Thu, 21 Aug 2025 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ruijie rg-uac 6000-cc Ruijie rg-uac 6000-cc Firmware Ruijie rg-uac 6000-e10 Ruijie rg-uac 6000-e10 Firmware Ruijie rg-uac 6000-e10c Ruijie rg-uac 6000-e10c Firmware Ruijie rg-uac 6000-e20 Ruijie rg-uac 6000-e20 Firmware Ruijie rg-uac 6000-e20c Ruijie rg-uac 6000-e20c Firmware Ruijie rg-uac 6000-e20m Ruijie rg-uac 6000-e20m Firmware Ruijie rg-uac 6000-e50 Ruijie rg-uac 6000-e50 Firmware Ruijie rg-uac 6000-e50c Ruijie rg-uac 6000-e50c Firmware Ruijie rg-uac 6000-e50m Ruijie rg-uac 6000-e50m Firmware Ruijie rg-uac 6000-ea Ruijie rg-uac 6000-ea Firmware Ruijie rg-uac 6000-ei Ruijie rg-uac 6000-ei Firmware Ruijie rg-uac 6000-isg02 Ruijie rg-uac 6000-isg02 Firmware Ruijie rg-uac 6000-isg10 Ruijie rg-uac 6000-isg10 Firmware Ruijie rg-uac 6000-isg200 Ruijie rg-uac 6000-isg200 Firmware Ruijie rg-uac 6000-isg40 Ruijie rg-uac 6000-isg40 Firmware Ruijie rg-uac 6000-si Ruijie rg-uac 6000-si Firmware Ruijie rg-uac 6000-u3100 Ruijie rg-uac 6000-u3100 Firmware Ruijie rg-uac 6000-u3210 Ruijie rg-uac 6000-u3210 Firmware Ruijie rg-uac 6000-x100 Ruijie rg-uac 6000-x100 Firmware Ruijie rg-uac 6000-x100s Ruijie rg-uac 6000-x100s Firmware Ruijie rg-uac 6000-x20 Ruijie rg-uac 6000-x200 Ruijie rg-uac 6000-x200 Firmware Ruijie rg-uac 6000-x20 Firmware Ruijie rg-uac 6000-x20m Ruijie rg-uac 6000-x20m Firmware Ruijie rg-uac 6000-x20me Ruijie rg-uac 6000-x20me Firmware Ruijie rg-uac 6000-x300d Ruijie rg-uac 6000-x300d Firmware Ruijie rg-uac 6000-x60 Ruijie rg-uac 6000-x60 Firmware Ruijie rg-uac 6000-xs Ruijie rg-uac 6000-xs Firmware
CPEs		cpe:2.3:h:ruijie:rg-uac_6000-cc:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e10:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e10:3.0:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e10c:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e20:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e20c:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e20m:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e50:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e50c:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-e50m:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-ea:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-ei:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-isg02:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-isg10:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-isg200:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-isg40:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-si:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-u3100:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-u3210:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x100:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x100s:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x200:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x20:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x20m:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x20me:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x300d:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-x60:-:::::::* cpe:2.3:h:ruijie:rg-uac_6000-xs:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-cc_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e10_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e10c_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e20_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e20c_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e20m_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e50_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e50c_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-e50m_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-ea_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-ei_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-isg02_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-isg10_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-isg200_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-isg40_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-si_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-u3100_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-u3210_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x100_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x100s_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x200_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x20_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x20m_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x20me_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x300d_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-x60_firmware:-:::::::* cpe:2.3:o:ruijie:rg-uac_6000-xs_firmware:-:::::::*
Vendors & Products		Ruijie rg-uac 6000-cc Ruijie rg-uac 6000-cc Firmware Ruijie rg-uac 6000-e10 Ruijie rg-uac 6000-e10 Firmware Ruijie rg-uac 6000-e10c Ruijie rg-uac 6000-e10c Firmware Ruijie rg-uac 6000-e20 Ruijie rg-uac 6000-e20 Firmware Ruijie rg-uac 6000-e20c Ruijie rg-uac 6000-e20c Firmware Ruijie rg-uac 6000-e20m Ruijie rg-uac 6000-e20m Firmware Ruijie rg-uac 6000-e50 Ruijie rg-uac 6000-e50 Firmware Ruijie rg-uac 6000-e50c Ruijie rg-uac 6000-e50c Firmware Ruijie rg-uac 6000-e50m Ruijie rg-uac 6000-e50m Firmware Ruijie rg-uac 6000-ea Ruijie rg-uac 6000-ea Firmware Ruijie rg-uac 6000-ei Ruijie rg-uac 6000-ei Firmware Ruijie rg-uac 6000-isg02 Ruijie rg-uac 6000-isg02 Firmware Ruijie rg-uac 6000-isg10 Ruijie rg-uac 6000-isg10 Firmware Ruijie rg-uac 6000-isg200 Ruijie rg-uac 6000-isg200 Firmware Ruijie rg-uac 6000-isg40 Ruijie rg-uac 6000-isg40 Firmware Ruijie rg-uac 6000-si Ruijie rg-uac 6000-si Firmware Ruijie rg-uac 6000-u3100 Ruijie rg-uac 6000-u3100 Firmware Ruijie rg-uac 6000-u3210 Ruijie rg-uac 6000-u3210 Firmware Ruijie rg-uac 6000-x100 Ruijie rg-uac 6000-x100 Firmware Ruijie rg-uac 6000-x100s Ruijie rg-uac 6000-x100s Firmware Ruijie rg-uac 6000-x20 Ruijie rg-uac 6000-x200 Ruijie rg-uac 6000-x200 Firmware Ruijie rg-uac 6000-x20 Firmware Ruijie rg-uac 6000-x20m Ruijie rg-uac 6000-x20m Firmware Ruijie rg-uac 6000-x20me Ruijie rg-uac 6000-x20me Firmware Ruijie rg-uac 6000-x300d Ruijie rg-uac 6000-x300d Firmware Ruijie rg-uac 6000-x60 Ruijie rg-uac 6000-x60 Firmware Ruijie rg-uac 6000-xs Ruijie rg-uac 6000-xs Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-05-25T15:00:05.158Z

Updated: 2024-08-01T21:11:12.419Z

Reserved: 2024-05-24T18:49:52.526Z

Link: CVE-2024-5337

Vulnrichment

Updated: 2024-08-01T21:11:12.419Z

NVD

Status : Analyzed

Published: 2024-05-25T15:15:09.943

Modified: 2025-08-21T18:07:31.747

Link: CVE-2024-5337

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:01:16Z

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object