Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Ruijie NBR1300G Cli Password Leak

By kannthu

Medium
Vidoc logoVidoc Module
#ruijie#exposure
Description

What is the "Ruijie NBR1300G Cli Password Leak?" module?

The "Ruijie NBR1300G Cli Password Leak" module is designed to detect a vulnerability in the Ruijie NBR1300G router. This vulnerability allows unauthorized access to the router's command-line interface (CLI) password. The severity of this vulnerability is classified as medium.

This module was authored by pikpikcu.

Impact

If exploited, this vulnerability could allow an attacker to gain unauthorized access to the Ruijie NBR1300G router's CLI password. This could potentially lead to further unauthorized actions and compromise the security of the network.

How does the module work?

The module sends an HTTP POST request to the router's "/WEB_VMS/LEVEL15/" endpoint with specific parameters. It then checks the response for two matching conditions:

    - The response body contains the phrase "webmaster level 2 username guest password guest". - The response status code is 200.

If both conditions are met, the module reports a vulnerability.

Example HTTP request:

POST /WEB_VMS/LEVEL15/ HTTP/1.1
Host: <Hostname>
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=

command=show webmaster user&strurl=exec%04&mode=%02PRIV_EXEC&signname=Red-Giant.

Note: Replace <Hostname> with the actual hostname of the target router.

Reference - Ruijie NBR1300G Router CLI Command Execution Vulnerability - Additional Reference

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: webmaster level 2 username guest passwor...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability