CVE-2024-28288
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/03/2024
Last modified:
30/06/2025
Description
Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can use this vulnerability to log in to the device and disrupt the business of the enterprise.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:ruijie:rg-nbr700gw_firmware:10.3\(4b12\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruijie:rg-nbr700gw:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/adminquit/CVE-2024-28288/blob/d8223c6d45af877669c27fa0a95adfe51924fa86/CVE-2024-28288/CVE-2024-28288.md
- https://pan.baidu.com/s/1H4J_eA6wSCnDEsUSAWIzsg?pwd=CVE1
- https://github.com/adminquit/CVE-2024-28288/blob/d8223c6d45af877669c27fa0a95adfe51924fa86/CVE-2024-28288/CVE-2024-28288.md
- https://pan.baidu.com/s/1H4J_eA6wSCnDEsUSAWIzsg?pwd=CVE1