CVE-2024-47146— Ruijie Reyee OS Resource Leak
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-47146
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ruijie Reyee OS Resource Leak
Source: NVD (National Vulnerability Database)
Vulnerability Description
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
将私有的资源传输到一个新的空间(资源泄露)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ruijie Networks ReyeeOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ruijie Networks ReyeeOS是中国锐捷网络(Ruijie Networks)公司的一款路由器。 Ruijie Networks ReyeeOS 2.206.x版本至2.320.x之前版本存在安全漏洞。攻击者利用该漏洞可以获取设备序列号。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-47146
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-47146
请登录查看更多情报信息。
Same Patch Batch · Ruijie · 2024-12-06 · 10 CVEs total
| CVE-2024-48874 | 9.8 CRITICAL | Ruijie Reyee OS Server-Side Request Forgery |
| CVE-2024-52324 | 9.8 CRITICAL | Ruijie Reyee OS Use of Inherently Dangerous Function |
| CVE-2024-47547 | 9.4 CRITICAL | Ruijie Reyee OS Weak Password Recovery Mechanism for Forgotten Password |
| CVE-2024-46874 | 8.1 HIGH | Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges |
| CVE-2024-45722 | 7.5 HIGH | Ruijie Reyee OS Use of Weak Credentials |
| CVE-2024-47043 | 7.5 HIGH | Ruijie Reyee OS Insecure Storage of Sensitive Information |
| CVE-2024-47791 | 7.5 HIGH | Ruijie Reyee OS Improper Neutralization of Wildcards or Matching Symbols |
| CVE-2024-51727 | 6.5 MEDIUM | Ruijie Reyee OS Premature Release of Resource During Expected Lifetime |
| CVE-2024-42494 | 6.5 MEDIUM | Ruijie Reyee OS Exposure of Private Personal Information to an Unauthorized Actor |
IV. Related Vulnerabilities
Same product: Reyee OS
- CVE-2024-52324
Ruijie Reyee OS Use of Inherently Dangerous Function - CVE-2024-48874
Ruijie Reyee OS Server-Side Request Forgery - CVE-2024-46874
Ruijie Reyee OS Improper Handling of Insufficient Permission - CVE-2024-47791
Ruijie Reyee OS Improper Neutralization of Wildcards or Matc - CVE-2024-45722
Ruijie Reyee OS Use of Weak Credentials
Same vendor: Ruijie
- CVE-2023-53881
ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution v - CVE-2025-11141
Ruijie NBR2100G-E branch_passw.php listAction os command inj - CVE-2025-10774
Ruijie 6000-E10 sub_commit.php os command injection - CVE-2025-9424
Ruijie WS7204-A branch_import.php os command injection - CVE-2025-8763
Ruijie EG306MG strongSwan strongswan.conf missing encryption
V. Comments for CVE-2024-47146
No comments yet