Ruijie Networks AP180 Series OS Command Injection Vulnerability

An OS command injection vulnerability has been identified in the AP180 series indoor wall plate wireless access points by Ruijie Networks. This vulnerability allows an attacker with access to the CLI service to execute arbitrary OS commands on the device. Affected products include the AP180(JA) and AP180(JP) models, as well as the AP180-AC and AP180-PE variants, all running firmware versions through AP_RGOS 11.9(4)B1P8.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the affected access points.

Remediation

Users are advised to update the firmware to the latest version. The AP180 series can be updated to version AP_RGOS 11.9(4)B1P9 or later. Firmware updates can be downloaded from the Ruijie Networks official website or obtained through local after-sales support.