Compare Products
Hide
VS
Home > Security Bulletins >Statement About the Remote Code Execution Vulnerability in Some EG/NBR Series Gateways
Vulnerability Description
A remote code execution vulnerability exists in the EWEB management system of some gateway products of Ruijie Networks. Attackers may exploit this vulnerability to obtain access rights using front-end codes, and conduct attacks after controlling a device.
Affected Products and Versions
The following table lists affected product models and versions.
Affected Model | Affected Version |
RG-EG2100-P V2 RG-EG3230 RG-EG3250 RG-EG3000XE RG-EG2000CE RG-NBR6120-E RG-NBR6125-E RG-NBR6205-E RG-NBR6210-E |
Versions earlier than RGOS 11.9(1)B11S3, Release(07242723) |
Double-click the image to view the complete spreadsheet.
Vulnerability Level
CVSS: 10.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
Solution
Upgrade the device to EG_RGOS 11.9(1)B11S3, Release(07242723) or a later version. You are advised to upgrade it to EG_RGOS 11.9(6)B17, the latest version on the official website.
Version download link: https://www.ruijienetworks.com/resources/products
Ensure that access control is properly set to restrict web management permissions and allow access only from specified trusted IP addresses. Change web management, VPN, SSH, and Telnet passwords.
Workaround
1.Restrict intranet and extranet access to the EWEB management system of the device.
Alternatively, run the following commands on the CLI:
config
control-plane
security deny lan-web
security deny wan-web
security web permit 192.168.1.5 (192.168.1.5 is configured as the management IP address.)
security deny wan tcp port 2060
security deny wan tcp port 2061
security deny wan tcp port 20097
exit
write
2.Change the password to a strong password.
3.Disable local server authentication and screen mirroring, and verify the configurations on the EWEB management system.
Alternatively, run the following commands on the CLI:
no app-auth local-auth enable --Disable authentication.
no app-auth enable --Disable authentication.
no upnp-proxy enable --Disable screen mirroring.
Service Support
If you have any questions, contact technical support at https://www.ruijienetworks.com/rita.
Ruijie Networks websites use cookies to deliver and improve the website experience.
See our cookie policy for further details on how we use cookies and how to change your cookie settings.
Cookie Manager
When you visit any website, the website will store or retrieve the information on your browser. This process is mostly in the form of cookies. Such information may involve your personal information, preferences or equipment, and is mainly used to enable the website to provide services in accordance with your expectations. Such information usually does not directly identify your personal information, but it can provide you with a more personalized network experience. We fully respect your privacy, so you can choose not to allow certain types of cookies. You only need to click on the names of different cookie categories to learn more and change the default settings. However, blocking certain types of cookies may affect your website experience and the services we can provide you.
Through this type of cookie, we can count website visits and traffic sources in order to evaluate and improve the performance of our website. This type of cookie can also help us understand the popularity of the page and the activity of visitors on the site. All information collected by such cookies will be aggregated to ensure the anonymity of the information. If you do not allow such cookies, we will have no way of knowing when you visited our website, and we will not be able to monitor website performance.
This type of cookie is necessary for the normal operation of the website and cannot be turned off in our system. Usually, they are only set for the actions you do, which are equivalent to service requests, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block or remind you of such cookies, but certain functions of the website will not be available. Such cookies do not store any personally identifiable information.
Fale conosco
How can we help you?