Ruijie APs Command-Injection Vulnerability in AP_RGOS 11.1.x
Vulnerability
A command-injection vulnerability has been identified in Ruijie access points running AP_RGOS 11.1.x. This vulnerability allows an authenticated administrative user to execute arbitrary shell commands with root privileges. The issue arises from improper handling of user input in a diagnostic management function, which could lead to unauthorized file access, device disruption, and potential network pivoting. The vulnerability is present in the RG-AP720-L model on firmware version 11.1(9)B1P21, released on June 21, 2018.
Impact
Exploitation of this vulnerability could allow an authenticated administrator to execute system commands with elevated privileges, potentially compromising the device's functionality or integrity. In some network setups, this could also affect connected devices or infrastructure.
Remediation
Administrative access should be restricted to trusted networks or to connections made over a VPN. It is also advisable to rotate administrative passwords and implement strong authentication measures.
