[Bug][Fuzz]: RPS accepts injected query string on GET wireless config by profileName #2601
Description
Describe the bug
GET wireless config by profileName with injected query string returns 200 OK.
Steps to reproduce
- Setup
- Request:
POST /api/v1/admin/wirelessconfigs HTTP/1.1\r\nAccept: application/json\r\nHost: device-management-toolkit-rps-1:8081\r\nContent-Type: application/json\r\n\r\n{\n "profileName":"profilef50ac01baf",\n "authenticationMethod":4,\n "encryptionMethod":3,\n "ssid":"ssid77d3add62a",\n "pskPassphrase":"WirelessP@ss123",\n "linkPolicy":[1],\n "ieee8021xProfile":"wired8021xProfile"}\r\n - Response:
HTTP/1.1 201 Created\r\nX-Powered-By: Express\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 199\r\nETag: W/"c7-TUNXRoHZJgmEKG+xxuFSvkU+T4s"\r\nDate: Mon, 16 Mar 2026 02:36:00 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n{"profileName":"profilef50ac01baf","authenticationMethod":4,"encryptionMethod":3,"ssid":"ssid77d3add62a","pskValue":null,"linkPolicy":[1],"tenantId":"","ieee8021xProfileName":null,"version":"382008"}
- Request:
- Test
- Request:
GET /api/v1/admin/wirelessconfigs/profilef50ac01baf?injected_query_string=123 HTTP/1.1\r\nAccept: application/json\r\nHost: device-management-toolkit-rps-1:8081\r\n\r\n - Response:
HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 199\r\nETag: W/"c7-TUNXRoHZJgmEKG+xxuFSvkU+T4s"\r\nDate: Mon, 16 Mar 2026 02:36:00 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n{"profileName":"profilef50ac01baf","authenticationMethod":4,"encryptionMethod":3,"ssid":"ssid77d3add62a","pskValue":null,"linkPolicy":[1],"tenantId":"","ieee8021xProfileName":null,"version":"382008"}
- Request:
Expected behavior
Request should fail validation (4xx) when injected query data is present.
Screenshots
No response
AMT Version
N/A
Configuration Mode
CCM
Operating System
Linux Ubuntu
AMT Device Information
No response
Service Deployment Information
No response
Additional context
No response