CVE-2024-45722
Ruijie Reyee OS Use of Weak Credentials
In short
Ruijie Reyee OS uses weak credentials for MQTT connections, allowing attackers to easily guess or calculate login information and gain unauthorized access to the system.
Technical detail
CVE-2024-45722 affects Ruijie Reyee OS 2.206.x through 2.319.x and involves a weak credential generation mechanism in MQTT authentication. An attacker can leverage predictable or easily calculable credentials to authenticate to MQTT services without valid authorization, potentially gaining control over device functions or data.
Summary generated and translated by AI from the official description.
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Ruijie · Reyee OSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →