CVE-2023-7330
Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
24 nov 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of file type, path, or extension. A remote attacker can upload a crafted PHP file and then access it from the web root, resulting in arbitrary code execution in the context of the web service. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-14 UTC.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Referências
https://cn-sec.com/archives/1995366.htmlhttps://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/ruijie/ruijie-nbr-fileupload.yamlhttps://rfk0z.github.io/posts/Ruijie-NBR-router-fileupload-php-arbitrary-file-upload-vulnerability/https://www.cnblogs.com/Domren/articles/19093295https://www.vulncheck.com/advisories/ruijie-networks-nbr-routers-unauthenticated-arbitrary-file-upload-via-fileuploadphp