Vendor of Product: Ruijie Networks

Affected Product and Version: EG306MG EG_3.0(1)B11P309

Description: In Ruijie Networks EG306MG EG_3.0(1)B11P309 PoE Gateway, the i_dont_care_about_security_and_use_aggressive_mode_psk property is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK.

Detail:

In the Ruijie Networks EG306MG EG_3.0(1)B11P309 firmware, the content of /etc/strongswan.conf is as follows.

charon {
	threads = 64
	max_child_sas = 10
	retransmit_tries = 3
	retransmit_timeout = 4.0
    	retransmit_base = 1.1
	plugins {
		sql {
			loglevel = -1
		}
		kernel-netlink {
			roam_events=no
		}
		socket-default {
			use_ipv6 = yes
		}
	}
	i_dont_care_about_security_and_use_aggressive_mode_psk=yes
    filelog {
        /var/log/strongswan-log {
            time_format = %b %e %T
            ike_name = yes
            append = no
            default = 1
            flush_line =yes
        }
        stderr {
            ike = 2
            knl = 3
        }
    }
}

Within, the dangerous property i_dont_care_about_security_and_use_aggressive_mode_psk is enabled.

The official documentation of strongswan (https://docs.strongswan.org/docs/latest/config/strongswanConf.html) states the following requirements.

i_dont_care_about_security_and_use_aggressive_mode_psk   no

If enabled, IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys (PSKs). This is strongly discouraged due to security concerns (offline attacks on the openly transmitted hash of the PSK).

Clearly, there is a misconfiguration vulnerability here. IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK.