1 Min Read
CVE-2024-4813
Originally published May 13, 2024.
Protect and safeguard your OT network and operations with the industry's most advanced, most capable cybersecurity platform.
Learn MoreDiscover and visualize every asset and every network connection in your OT environment.
Segment your network and enforce granular policies for true Zero Trust cybersecurity.
Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.
Monitor physical process signals to detect threats and prevent system damage.
With advanced technology and an expert team, Mission Secure helps organizations meet their most pressing OT security challenges.
Keep your organization secure against cyber threats and take control of your OT network.
View All IndustriesFind helpful OT and ICS cybersecurity resources, guides, and downloads.
View All ResourcesOur team of world-class OT, IT, and cybersecurity experts are setting the standard in OT cyber-protection.
Learn MoreWritten by Mission Secure
CVE-2024-4813 highlights a critical vulnerability in Ruijie RG-UAC's interface_commit.php, allowing remote attackers to execute arbitrary OS commands via manipulated arguments. In operational technology environments, such vulnerabilities pose serious risks to network infrastructure integrity and security.
From the CVE database:
A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240506. Affected is an unknown function of the file /view/networkConfig/physicalInterface/interface_commit.php. The manipulation of the argument name leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-263934 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
https://www.cve.org/CVERecord?id=CVE-2024-4813
Originally published May 13, 2024.