Ruijie RG-EW1200G PRO and RG-EW1200R OS Command Injection Vulnerability

An OS command injection vulnerability has been identified in the Ruijie RG-EW1200G PRO (versions 1.00, 2.00, 3.00, and 4.00) and the RG-EW1200R running ReyeeOS301. This vulnerability allows authenticated remote attackers to execute arbitrary commands on the affected device by sending specially crafted POST requests to the 'module_set' in the file '/usr/local/lua/dev_config/config_retain.lua'.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device.

Reproduction

To reproduce this vulnerability, send a POST request to the 'module_set' endpoint in the '/usr/local/lua/dev_config/config_retain.lua' file. The request must be crafted to include the desired commands for execution. This can be done using a tool like curl or Postman, ensuring that the request is sent with the appropriate authentication.