CVE-2023-30308
MEDIUMRuijie EG210G-P, EG105G-V2, NBR, and EG105G Firmware - TCP Session Hijacking via Sequence Number Leakage
Title source: llmDescription
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service.
References (1)
Core 1
Core References
Exploit, Technical Description, Third Party Advisory
https://www.ndss-symposium.org/ndss-paper/exploiting-sequence-number-leakage-tcp-hijacking-in-nat-enabled-wi-fi-networks/
Scores
CVSS v3
6.5
EPSS
0.0038
EPSS Percentile
29.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-203
Status
published
Products (7)
ruijie/rg-eg105g_firmware
ruijie/rg-eg105g_v2_firmware
ruijie/rg-eg210g-p_firmware
ruijie/rg-nbr6120-e_firmware
ruijie/rg-nbr6205-e_firmware
ruijie/rg-nbr6210-e_firmware
ruijie/rg-nbr6215-e_firmware
Published
May 28, 2024
Tracked Since
Feb 18, 2026