Approved changes feed: RSS · Atom
cpe:2.3:a:ruijie_networks_co.,_ltd.:rg-uac:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ruijie Networks Co., Ltd. (ff6ca98e-7103-5e08-b2bd-a617bd60abdb) |
|---|---|
| Product | Rg Uac (ecf0c4a1-0712-5bc9-8c6c-c521f35dade8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7304 |
vulnerable | 2026-06-08 06:21:57.513587 |
Ruijie RG-UAC nmc_sync.php Command Injection
Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the host. Successful exploitation can yield full control of the application process and may lead to system-level access depending on the service privileges. VulnCheck has observed this vulnerability being targeted by the RondoDox botnet campaign.
Published: 2025-10-15T01:22:10.130Z
Updated: 2025-11-21T16:17:56.857Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.