PT-2025-27625 · Ruijie · Ruijie Nbr Series
Published: 2025-06-30 · Updated: 2025-07-02
CVE-2025-34057
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions:
Ruijie NBR series routers versions NBR2000G, NBR1300G, and NBR1000
Description:
An information disclosure issue exists via the "/WEB VMS/LEVEL15/" endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic.
Recommendations:
For Ruijie NBR series routers versions NBR2000G, NBR1300G, and NBR1000, consider disabling access to the "/WEB VMS/LEVEL15/" endpoint until a patch is available.
Restrict access to administrative account credentials to minimize the risk of exploitation.
Avoid using specially formatted parameters in the POST request to the "/WEB VMS/LEVEL15/" endpoint until the issue is resolved.
Exploit
Fix
Missing Authentication
Information Disclosure
Affected Products
Ruijie Nbr Series