CVE-2024-52324

Summary

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands.

Affected Software

VendorProductVersion RangeStatus
RuijieReyee OS2.206.x < 2.320.xaffected

Weaknesses

  • CWE-242: CWE-242

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References