The vulnerability of the vpnAction function (/itbox_pi/vpn_quickset_service.php?a=set_vpn) in the microprogramming software for Ruijie’s RG-EG series routers allows a hacker to execute arbitrary commands.

The vulnerability of the vpnAction function /itboxpi/vpnquicksetservice.php?a=setvpn of the Ruijie RG-EG series router microprogramming software is related to the failure to eliminate special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to...