Ruijie Networks EG306MG Missing Encryption Vulnerability in strongSwan Configuration

Vulnerability

A vulnerability exists in the strongSwan component of the Ruijie Networks EG306MG, version 3.0(1)B11P309. The issue arises from a misconfiguration in the strongSwan configuration file, /etc/strongswan.conf, which permits IKEv1 Aggressive Mode with Pre-Shared Keys (PSK). This could lead to offline attacks on the transmitted hash of the PSK. The weakness is classified as missing encryption of sensitive data and has the potential for remote exploitation.

Impact

Exploitation of this vulnerability could result in missing encryption of sensitive data, allowing for interception and potential misuse of unprotected information.

Reproduction

The vulnerability can be reproduced by enabling the 'i_dont_care_about_security_and_use_aggressive_mode_psk' property in the strongSwan configuration file. This setting allows IKE Responders to use IKEv1 Aggressive Mode with Pre-Shared Keys, creating a vulnerability that could be exploited offline.
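A defensive check for the setting described above, as an added example that is not part of the original advisory and is not Ruijie or strongSwan code. It parses a subset of the strongswan.conf syntax (nested sections, `key = value`, `#` comments), does not follow `include` lines, and runs on constructed sample configs; the function names and the set of truthy spellings are assumptions of this example.

```python
import re

OPTION = "i_dont_care_about_security_and_use_aggressive_mode_psk"
TRUE_VALUES = {"1", "yes", "true", "enabled"}  # assumed truthy spellings
TOKEN = re.compile(r'"[^"]*"|[{}=\n]|[^\s{}="]+')

def parse_settings(text):
    """Flatten strongswan.conf-style text into {dotted.path: value}."""
    tokens = TOKEN.findall(re.sub(r"#[^\n]*", "", text))  # drop comments
    settings, path, i = {}, [], 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if tok == "}":
            if path:
                path.pop()
        elif tok in ("\n", "{", "="):
            continue
        elif i < len(tokens) and tokens[i] == "=":
            j = i + 1  # value runs to end of line or closing brace
            while j < len(tokens) and tokens[j] not in ("\n", "}"):
                j += 1
            value = " ".join(t.strip('"') for t in tokens[i + 1:j])
            settings[".".join(path + [tok])] = value
            i = j
        else:
            j = i  # a name followed by '{' (even on the next line) opens a section
            while j < len(tokens) and tokens[j] == "\n":
                j += 1
            if j < len(tokens) and tokens[j] == "{":
                path.append(tok)
                i = j + 1
    return settings

def aggressive_psk_findings(text):
    """Return dotted paths where the aggressive-mode PSK option is enabled."""
    return [key for key, value in parse_settings(text).items()
            if key.split(".")[-1] == OPTION and value.lower() in TRUE_VALUES]

# Constructed sample configs (not taken from the device)
WEAK = """charon {
    i_dont_care_about_security_and_use_aggressive_mode_psk = yes
    plugins { include strongswan.d/charon/*.conf }
}"""
HARDENED = WEAK.replace("= yes", "= no")

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, aggressive_psk_findings(conf) or "ok")
```

To audit a real system, pass the contents of /etc/strongswan.conf and of any files it includes to `aggressive_psk_findings`; an empty list means the option is absent, commented out, or set to a false value.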

Added: Aug 9, 2025, 6:17 PM
Updated: Aug 9, 2025, 6:17 PM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 2.5
exploitability: 8.6
remediation: 0.0
relevance: 0.3
threat: 1.6
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.