Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Ruijie EG Easy Gateway - Remote Command Execution

By kannthu

Vidoc logoVidoc Module

What is "Ruijie EG Easy Gateway - Remote Command Execution?"

The "Ruijie EG Easy Gateway - Remote Command Execution" module is designed to detect a vulnerability in the Ruijie EG Easy Gateway software. This vulnerability allows for remote command execution, which can lead to the disclosure of administrator account credentials. The severity of this vulnerability is classified as critical.

This module was authored by pikpikcu and pdteam.


If exploited, the remote command execution vulnerability in Ruijie EG Easy Gateway can have severe consequences. An attacker can gain unauthorized access to the administrator account and potentially compromise the entire system. This can result in unauthorized data access, modification, or even complete system takeover.

How the module works?

The module works by sending a specific HTTP request to the target Ruijie EG Easy Gateway login page. The request is designed to exploit the vulnerability and trigger the remote command execution. The module then analyzes the response to determine if the vulnerability is present.

Here is an example of the HTTP request:

POST /login.php HTTP/1.1
Host: <Hostname>
Content-Type: application/x-www-form-urlencoded


The module uses several matching conditions to confirm the presence of the vulnerability:

- The response body must contain the following words: "data", "status:1", and "admin". - The response header must contain the word "text/json". - The HTTP status code must be 200.

If all the matching conditions are met, the module reports the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: "data":, "status":1, adminand
word: text/jsonand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability