CVE-2024-6269
Published: 23 June 2024
Summary
CVE-2024-6269 is a medium-severity Command Injection (CWE-77) vulnerability in Ruijie Rg-Uac Firmware. Its CVSS base score is 5.1 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 23.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-47389
Vulnerability details
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection.…
more
The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269482 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a command injection in an HTTP POST handler (/view/vpn/autovpn/sxh_vpnlic.php) of a public-facing web application on Ruijie RG-UAC, enabling exploitation of public-facing applications (T1190). It facilitates indirect command execution via the get_ip.addr_details function leading to exec() (T1202, as mapped in advisory), and execution via command and scripting interpreter (T1059, likely Unix Shell on the network device).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.