FIRSTNUM JC21A-04 OS Command Injection Vulnerability Allowing Root Privileges

A command injection vulnerability has been identified in FIRSTNUM JC21A-04 devices running software versions through 2.01ME/FN. This vulnerability allows authenticated attackers to execute arbitrary operating system commands with root privileges. The issue arises when crafted payloads are sent to the 'xml_action.cgi?method=' endpoint, specifically targeting the 'max_num' parameter, which is related to Wi-Fi connected devices.

Impact

Exploitation of this vulnerability leads to unauthorized execution of OS commands with root privileges on the affected device.

Reproduction

To reproduce this vulnerability, an authenticated attacker can send a crafted payload to the 'xml_action.cgi?method=' endpoint, using the 'max_num' parameter. This can be done through an HTTP request that includes the malicious payload, which will be executed on the device's operating system with root privileges.