Filtered by vendor Ruijie
                         Subscriptions
                    
                    
                
                        Filtered by product Reyee Os
                         Subscriptions
                    
                    
                
                    Total
                    8 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2024-42936 | 1 Ruijie | 2 Reyee Os, Rg-ew300n | 2025-06-18 | 9.8 Critical | 
| The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is vulnerable to Remote Code Execution via a modified MQTT broker message. | ||||
| CVE-2024-47547 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 9.4 Critical | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks. | ||||
| CVE-2024-45722 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 7.5 High | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials. | ||||
| CVE-2024-46874 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 8.1 High | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud. | ||||
| CVE-2024-47791 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 7.5 High | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices. | ||||
| CVE-2024-48874 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 9.8 Critical | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services. | ||||
| CVE-2024-52324 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 9.8 Critical | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands. | ||||
| CVE-2024-47043 | 2 Ruijie, Ruijienetworks | 2 Reyee Os, Reyee Os | 2024-12-10 | 7.5 High | 
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address. | ||||
                            
                                
                                
                                    Page 1 of 1.