Jointelli 5G CPE OS Command Injection Vulnerability

A blind OS command injection vulnerability has been identified in Jointelli 5G CPE devices running firmware JY_21H01_A3_v1.36. This vulnerability affects multiple endpoints, including those related to WPS pin management, network applications, and Wi-Fi configuration. Authenticated attackers can exploit this vulnerability to execute arbitrary OS commands with root privileges by sending crafted inputs through various fields such as SSID, WPS, Traceroute, and Ping.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution with root privileges, potentially leading to unauthorized access or control over the device.

Reproduction

To reproduce this vulnerability, an authenticated user must send crafted inputs containing malicious OS commands to the affected endpoints via the SSID, WPS, Traceroute, and Ping fields. The device will execute these commands with root privileges, demonstrating the command injection flaw.