RG-UAC Ruijie Information Disclosure Scanner

RG-UAC Ruijie is widely used by organizations that require secure and reliable network access control solutions. It is utilized in enterprises, educational institutions, and government sectors to manage user access, monitor network activity, and implement security policies. This product is known for its robust performance and scalability, catering to a wide range of user counts and security requirements. Ruijie Networks offers comprehensive support and integration with existing network infrastructures. The RG-UAC firmware is regularly updated to patch vulnerabilities and improve system stability. Organizations rely on this solution to maintain a secure and efficient network environment.

The Credential Disclosure vulnerability detected in the RG-UAC Ruijie product involves the exposure of sensitive information such as usernames, roles, and password hashes through the web admin login interface. This information leakage can be leveraged by attackers to gain unauthorized access to the devices. The potential for misuse of these credentials makes this a critical vulnerability that needs immediate attention. Credential Disclosure vulnerabilities can lead to unauthorized administrative access, compromising the security posture of the affected devices. Protecting against such disclosures is essential to prevent security breaches and maintain the integrity of the organization's network.

Technical details of this vulnerability include the presence of credentials embedded within the source code of the web admin login page. These include usernames, roles such as "super_admin", "guest_admin", "reporter_admin", and their associated MD5 password hashes. Matchers in the scanner detect these roles in the HTTP response of the admin page, confirming the presence of leaked credentials. The vulnerability is triggered under conditions where the page returns a 200 status code and contains the specified roles within the response body. The leakage occurs due to improper handling and exposure of sensitive information within the web interface.

Once exploited, this vulnerability can lead to significant security risks for the affected network devices. Attackers gaining access to administrative accounts can alter device configurations, potentially disrupting network operations. In a worst-case scenario, confidential data might be exfiltrated or the network used as a launching point for further attacks on the organization. Implementing preventative measures is crucial to avoid such exploitation scenarios resulting in financial and reputational damages.

REFERENCES

• https://forum.butian.net/share/177
• https://www.ruijie.com.cn/gy/xw-aqtg-zw/86924/
• https://www.cnvd.org.cn/flaw/show/CNVD-2021-14536