CVE-2023-53881

UNKNOWN 0.0

ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution via CWMP

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by exploiting the unprotected HTTP polling requests.

CWE	CWE-319
Vendor	ruijie
Product	reyeeos
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for ruijie reyeeos

Be the first to know when new unknown vulnerabilities affecting ruijie reyeeos are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Ruijie / ReyeeOS

1.204.1614

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51642 ruijienetworks.com: https://ruijienetworks.com vulncheck.com: https://www.vulncheck.com/advisories/reyeeos-man-in-the-middle-remote-code-execution-via-cwmp

Credits

Riyan Firmansyah of Seclab