Security
Headlines
HeadlinesLatestCVEs

Headline

Ruijie RG-EW Remote Code Execution

Ruijie RG-EW series routers suffer from six different remote code execution vulnerabilities. Findings were tested on Ruijie RG-EW1200 and Ruijie RG-EW1200G PRO.

Packet Storm
#vulnerability#rce#oauth#auth

Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers

=======
Summary
=======

Multiple vulnerabilities was found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).

==============
CVE-2021-43159
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the setSessionTime function in /cgi-bin/luci/api/common.

Details

  • Type: Post-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/common.lua
    Function: setSessionTime
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO

==============
CVE-2021-43160
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the switchFastDhcp function in /cgi-bin/luci/api/diagnose.

Details

  • Type: Post-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/diagnose.lua
    Function: switchFastDhcp
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO

==============
CVE-2021-43161
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the doSwitchApi function in /cgi-bin/luci/api/switch.

Details

  • Type: Post-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/switch.lua
    Function: doSwitchApi
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO

==============
CVE-2021-43162
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the runPackDiagnose function in /cgi-bin/luci/api/diagnose.

Details

  • Type: Post-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/diagnose.lua
    Function: runPackDiagnose
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO

==============
CVE-2021-43163
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the checkNet function in /cgi-bin/luci/api/auth.

Details

  • Type: Pre-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/noauth.lua
    Function: checkNet
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO

==============
CVE-2021-43164
==============

Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55
via the updateVersion function in /cgi-bin/luci/api/wireless.

Details

  • Type: Post-authenticated RCE / Command Injection
  • Discoverer: Minh Khoa of VSEC
  • Affected Component:
    File: /usr/lib/lua/luci/modules/wireless.lua
    Function: updateVersion
  • Tested on: Ruijie RG-EW1200, Ruijie RG-EW1200G PRO


Khoa

Packet Storm: Latest News

Scapy Packet Manipulation Tool 2.6.1