Ruijie RG-BCR OS Command Injection Vulnerability

An OS command injection vulnerability has been identified in the Ruijie RG-BCR860 model. This vulnerability allows authenticated remote attackers to execute arbitrary commands on the device. The issue arises when specially crafted POST requests are sent to the action_diagnosis endpoint, located in the Lua controller for administration diagnosis.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of system commands, potentially allowing attackers to manipulate the device's operating system or installed applications.

Reproduction

To reproduce this vulnerability, send a POST request to the action_diagnosis endpoint of the affected device. The request must be crafted to include commands that the attacker wishes to execute on the system. This can be done by embedding the commands in the request payload in a way that the device's command execution mechanism will process them.