Security Advisory

CVE-2023-53881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-15 20:28:19
Last updated 2026-04-07 14:07:07
Assigner VulnCheck
State PUBLISHED

Description

ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by exploiting the unprotected HTTP polling requests.