CVE-2023-7304
CRITICAL EXPLOITEDRuijie RG-UAC Application Management Gateway - Command Injection
Title source: llmExploitation Summary
CVE-2023-7304 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the host. Successful exploitation can yield full control of the application process and may lead to system-level access depending on the service privileges. VulnCheck has observed this vulnerability being targeted by the RondoDox botnet campaign.
References (2)
Core 2
Core References
Various Sources technical-description
exploit
https://cn-sec.com/archives/2284248.html
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/ruijie-rg-uac-nmc-sync-php-command-injection
Scores
CVSS v4
9.3
EPSS
0.0370
EPSS Percentile
88.3%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2025-10-14
CWE
CWE-78
Status
published
Products (1)
Ruijie Networks Co., Ltd./RG-UAC
Published
Oct 15, 2025
Tracked Since
Feb 18, 2026