Filtered by vendor Ruijie
                         Subscriptions
                    
                    
                
                        Filtered by product Eg-2000se
                         Subscriptions
                    
                    
                
                    Total
                    4 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2019-16640 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 7.5 High | 
| An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled (%00 and /var/./html are not checked), which can allow an attacker to upload any file to the gateway. This affects EG-2000SE EG_RGOS 11.9 B11P1. | ||||
| CVE-2019-16639 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 9.8 Critical | 
| An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET commands and/or show admin passwords via the mode_url=exec&command= substring. This affects EG-2000SE EG_RGOS 11.9 B11P1. | ||||
| CVE-2019-16641 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-07-09 | 8.4 High | 
| An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1. | ||||
| CVE-2019-16638 | 1 Ruijie | 2 Eg-2000se, Eg-2000se Firmware | 2025-03-18 | 7.5 High | 
| An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EG_RGOS 11.1(1)B1. | ||||
                            
                                
                                
                                    Page 1 of 1.