CVE-2019-16641 : An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overf

An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1.

Published 2024-07-16 17:15:11

Updated 2024-08-12 18:35:01

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2019-16641

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2019-16641

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 1 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-16641

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.5	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-08-12
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-16641

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2019-16641

https://0x.mk/?p=239

Ruijie EG-2000 series multiple vulnerabilities – 双草酸酯的博客

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2019-16641

Products affected by CVE-2019-16641

Exploit prediction scoring system (EPSS) score for CVE-2019-16641

CVSS scores for CVE-2019-16641

CWE ids for CVE-2019-16641

References for CVE-2019-16641