Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Ruijie NBR1300G Cli Password Leak" module is designed to detect a vulnerability in the Ruijie NBR1300G router. This vulnerability allows unauthorized access to the router's command-line interface (CLI) password. The severity of this vulnerability is classified as medium.
This module was authored by pikpikcu.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to the Ruijie NBR1300G router's CLI password. This could potentially lead to further unauthorized actions and compromise the security of the network.
The module sends an HTTP POST request to the router's "/WEB_VMS/LEVEL15/" endpoint with specific parameters. It then checks the response for two matching conditions:
If both conditions are met, the module reports a vulnerability.
Example HTTP request:
POST /WEB_VMS/LEVEL15/ HTTP/1.1
Host: <Hostname>
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
command=show webmaster user&strurl=exec%04&mode=%02PRIV_EXEC&signname=Red-Giant.
Note: Replace <Hostname> with the actual hostname of the target router.
Reference - Ruijie NBR1300G Router CLI Command Execution Vulnerability - Additional Reference