CVE-2023-38902 Information

Description

An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204 RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P218 RG-EG series business VPN routers v.EG_3.0(1)B11P216 EAP and RAP series wireless access points v.AP_3.0(1)B11P218 and NBC series wireless controllers v.AC_3.0(1)B11P86 allows a remote attacker to execute arbitrary code via the unifyframe-sgi.elf component in sub_40DA38.

Reference

http://rg-ew.com https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 http://ruijie.com