|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-09-11 | |
| Rule Name: | RuiJie Router Remote Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | On the WEB management page, after logging in to the device with the administrator's username and password, some operation commands can be executed through the WEB management page, and an interface on the device can read the return value of these operation commands. The interface does not adequately filter the malicious commands in the return value, causing the device to be remotely executed some malicious commands through the CLI, which affects the normal operation of the device. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows | |
| Reference: | http://www.ruijie.com.cn/gy/xw-zxzx/82330/ |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.ruijie.com.cn/fw/rj/ |