A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 29 Sep 2025 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Ruijie rg-es205gc
Ruijie rg-es205gc-p
Ruijie rg-es205gc-p Firmware
Ruijie rg-es205gc Firmware
Ruijie rg-es206gc-p
Ruijie rg-es206gc-p Firmware
Ruijie rg-es206gs-p
Ruijie rg-es206gs-p Firmware
Ruijie rg-es206mg-p
Ruijie rg-es206mg-p Firmware
Ruijie rg-es208gc
Ruijie rg-es208gc Firmware
Ruijie rg-es209gc-p
Ruijie rg-es209gc-p Firmware
Ruijie rg-es209mg-p
Ruijie rg-es209mg-p Firmware
Ruijie rg-es210gc-lp
Ruijie rg-es210gc-lp Firmware
Ruijie rg-es210gs-p
Ruijie rg-es210gs-p Firmware
Ruijie rg-es216gc
Ruijie rg-es216gc-v2
Ruijie rg-es216gc-v2 Firmware
Ruijie rg-es216gc Firmware
Ruijie rg-es218gc-p
Ruijie rg-es218gc-p Firmware
Ruijie rg-es220gs-p
Ruijie rg-es220gs-p Firmware
Ruijie rg-es224gc
Ruijie rg-es224gc-v2
Ruijie rg-es224gc-v2 Firmware
Ruijie rg-es224gc Firmware
Ruijie rg-es226gc-p
Ruijie rg-es226gc-p Firmware
Ruijie rg-es228gs-p
Ruijie rg-es228gs-p Firmware
Ruijie rg-nis2100-4gt2sfp-hp
Ruijie rg-nis2100-4gt2sfp-hp Firmware
Ruijie rg-nis2100-8gt2sfp-hp
Ruijie rg-nis2100-8gt2sfp-hp Firmware
CPEs cpe:2.3:h:ruijie:rg-es205gc-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es205gc:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es206gc-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es206gs-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es206mg-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es208gc:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es209gc-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es209mg-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es210gc-lp:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es210gs-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es216gc-v2:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es216gc:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es218gc-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es220gs-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es224gc-v2:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es224gc:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es226gc-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-es228gs-p:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-nis2100-4gt2sfp-hp:-:*:*:*:*:*:*:*
cpe:2.3:h:ruijie:rg-nis2100-8gt2sfp-hp:-:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es206mg-p_firmware:esw_1.0\(1\)b1p42_release\(12142711\):*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es209mg-p_firmware:esw_1.0\(1\)b1p42_release\(12142711\):*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es210gc-lp_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es216gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es224gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-nis2100-4gt2sfp-hp_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
cpe:2.3:o:ruijie:rg-nis2100-8gt2sfp-hp_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:*
Vendors & Products Ruijie rg-es205gc
Ruijie rg-es205gc-p
Ruijie rg-es205gc-p Firmware
Ruijie rg-es205gc Firmware
Ruijie rg-es206gc-p
Ruijie rg-es206gc-p Firmware
Ruijie rg-es206gs-p
Ruijie rg-es206gs-p Firmware
Ruijie rg-es206mg-p
Ruijie rg-es206mg-p Firmware
Ruijie rg-es208gc
Ruijie rg-es208gc Firmware
Ruijie rg-es209gc-p
Ruijie rg-es209gc-p Firmware
Ruijie rg-es209mg-p
Ruijie rg-es209mg-p Firmware
Ruijie rg-es210gc-lp
Ruijie rg-es210gc-lp Firmware
Ruijie rg-es210gs-p
Ruijie rg-es210gs-p Firmware
Ruijie rg-es216gc
Ruijie rg-es216gc-v2
Ruijie rg-es216gc-v2 Firmware
Ruijie rg-es216gc Firmware
Ruijie rg-es218gc-p
Ruijie rg-es218gc-p Firmware
Ruijie rg-es220gs-p
Ruijie rg-es220gs-p Firmware
Ruijie rg-es224gc
Ruijie rg-es224gc-v2
Ruijie rg-es224gc-v2 Firmware
Ruijie rg-es224gc Firmware
Ruijie rg-es226gc-p
Ruijie rg-es226gc-p Firmware
Ruijie rg-es228gs-p
Ruijie rg-es228gs-p Firmware
Ruijie rg-nis2100-4gt2sfp-hp
Ruijie rg-nis2100-4gt2sfp-hp Firmware
Ruijie rg-nis2100-8gt2sfp-hp
Ruijie rg-nis2100-8gt2sfp-hp Firmware

Thu, 04 Sep 2025 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Ruijie
Ruijie rg-es
Vendors & Products Ruijie
Ruijie rg-es

Wed, 03 Sep 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
Metrics cvssV3_1

{'score': 9.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 03 Sep 2025 17:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-09-03T17:48:21.937Z

Reserved: 2025-08-17T00:00:00.000Z

Link: CVE-2025-56752

cve-icon Vulnrichment

Updated: 2025-09-03T17:47:36.191Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-03T18:15:35.363

Modified: 2025-09-29T18:36:43.327

Link: CVE-2025-56752

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-04T13:12:26Z