CVE-2024-47043— Ruijie Reyee OS Insecure Storage of Sensitive Information
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-47043
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ruijie Reyee OS Insecure Storage of Sensitive Information
Source: NVD (National Vulnerability Database)
Vulnerability Description
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感信息的不安全存储
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ruijie Networks ReyeeOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ruijie Networks ReyeeOS是中国锐捷网络(Ruijie Networks)公司的一款路由器。 Ruijie Networks ReyeeOS 2.206.x版本至2.320.x之前版本存在安全漏洞。攻击者利用该漏洞可以将设备序列号与用户的电话号码和部分电子邮件地址关联起来。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-47043
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-47043
请登录查看更多情报信息。
Same Patch Batch · Ruijie · 2024-12-06 · 10 CVEs total
| CVE-2024-48874 | 9.8 CRITICAL | Ruijie Reyee OS Server-Side Request Forgery |
| CVE-2024-52324 | 9.8 CRITICAL | Ruijie Reyee OS Use of Inherently Dangerous Function |
| CVE-2024-47547 | 9.4 CRITICAL | Ruijie Reyee OS Weak Password Recovery Mechanism for Forgotten Password |
| CVE-2024-46874 | 8.1 HIGH | Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges |
| CVE-2024-45722 | 7.5 HIGH | Ruijie Reyee OS Use of Weak Credentials |
| CVE-2024-47791 | 7.5 HIGH | Ruijie Reyee OS Improper Neutralization of Wildcards or Matching Symbols |
| CVE-2024-51727 | 6.5 MEDIUM | Ruijie Reyee OS Premature Release of Resource During Expected Lifetime |
| CVE-2024-42494 | 6.5 MEDIUM | Ruijie Reyee OS Exposure of Private Personal Information to an Unauthorized Actor |
| CVE-2024-47146 | 6.5 MEDIUM | Ruijie Reyee OS Resource Leak |
IV. Related Vulnerabilities
Same product: Reyee OS
- CVE-2024-47146
Ruijie Reyee OS Resource Leak - CVE-2024-52324
Ruijie Reyee OS Use of Inherently Dangerous Function - CVE-2024-48874
Ruijie Reyee OS Server-Side Request Forgery - CVE-2024-46874
Ruijie Reyee OS Improper Handling of Insufficient Permission - CVE-2024-47791
Ruijie Reyee OS Improper Neutralization of Wildcards or Matc
Same vendor: Ruijie
- CVE-2023-53881
ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution v - CVE-2025-11141
Ruijie NBR2100G-E branch_passw.php listAction os command inj - CVE-2025-10774
Ruijie 6000-E10 sub_commit.php os command injection - CVE-2025-9424
Ruijie WS7204-A branch_import.php os command injection - CVE-2025-8763
Ruijie EG306MG strongSwan strongswan.conf missing encryption
Same weakness: CWE-922
- CVE-2026-40868
kyverno apicall servicecall implicit bearer token injection - CVE-2026-26152
Microsoft Cryptographic Services Elevation of Privilege Vuln - CVE-2026-5666
code-projects Online FIR System SQL Database Backup File com - CVE-2026-5650
code-projects Online Application System for Admission oas.sq - CVE-2025-10734
ReviewX – WooCommerce Product Reviews with Multi-Criteria, R
V. Comments for CVE-2024-47043
No comments yet