A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.
Metrics
Affected Vendors & Products
References
History
Thu, 04 Sep 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ruijie
Ruijie rg-es |
|
Vendors & Products |
Ruijie
Ruijie rg-es |
Wed, 03 Sep 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-287 | |
Metrics |
cvssV3_1
|
Wed, 03 Sep 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-09-03T17:48:21.937Z
Reserved: 2025-08-17T00:00:00.000Z
Link: CVE-2025-56752

Updated: 2025-09-03T17:47:36.191Z

Status : Awaiting Analysis
Published: 2025-09-03T18:15:35.363
Modified: 2025-09-04T15:35:29.497
Link: CVE-2025-56752

No data.

Updated: 2025-09-04T13:12:26Z