CVE-2023-7330
Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
24 nov 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of file type, path, or extension. A remote attacker can upload a crafted PHP file and then access it from the web root, resulting in arbitrary code execution in the context of the web service. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-14 UTC.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Beijing Star-Net Ruijie Network Technology Co., Ltd. · NBR Series RoutersReferencias
https://cn-sec.com/archives/1995366.htmlhttps://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/ruijie/ruijie-nbr-fileupload.yamlhttps://rfk0z.github.io/posts/Ruijie-NBR-router-fileupload-php-arbitrary-file-upload-vulnerability/https://www.cnblogs.com/Domren/articles/19093295https://www.vulncheck.com/advisories/ruijie-networks-nbr-routers-unauthenticated-arbitrary-file-upload-via-fileuploadphp