CVE-2025-8763

Name of the Vulnerable Software and Affected Versions: Ruijie EG306MG version 3.0(1)B11P309

Description: A vulnerability exists due to missing encryption of sensitive data. The issue is related to the processing of the /etc/strongswan.conf file within the strongSwan component. Manipulation of the i dont care about security and use aggressive mode psk argument is the root cause. The attack can be initiated remotely, but exploitation is difficult and requires a high level of complexity. The vendor was contacted but did not respond.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.