Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#ruijie#lfi#edb
Description

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion

What is the "Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion?"

The "Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion" module is designed to detect a vulnerability in the Ruijie Networks Switch eWeb software version S29_RGOS 11.4. This vulnerability allows an attacker to include local files from the server by exploiting a misconfiguration in the software.

This module has a high severity level, indicating that it poses a significant risk to the security of the affected system.

Impact

A successful exploitation of this vulnerability can lead to unauthorized access to sensitive files on the server. This can potentially expose confidential information, such as configuration files, credentials, or other sensitive data. Attackers can leverage this information to further compromise the system or launch additional attacks.

How the module works?

The module sends an HTTP GET request to the vulnerable Ruijie Networks Switch eWeb server, targeting the "/download.do?file=../../../../config.text" endpoint. It then applies several matching conditions to determine if the vulnerability is present:

- The response header must contain the following words: "filename=\"config.text\"" and "Content-Type: application/octet-stream". - The response body must contain the word "version S29_RGOS 11.4". - The HTTP status code must be 200.

If all the matching conditions are met, the module reports the vulnerability, indicating that the server is susceptible to local file inclusion.

To mitigate this vulnerability, it is recommended to apply the necessary patches or updates provided by Ruijie Networks. Additionally, access controls should be implemented to restrict unauthorized access to sensitive files and directories.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/download.do?file=.....
Matching conditions
word: filename="config.text", Content-Type: ap...and
word: version S29_RGOS 11.4and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability