A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.
References
Link | Resource |
---|---|
https://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
History
29 Sep 2025, 18:36
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ruijie rg-es218gc-p Firmware
Ruijie rg-es210gs-p Firmware Ruijie rg-es206gs-p Firmware Ruijie rg-es205gc Firmware Ruijie rg-es210gc-lp Ruijie rg-es218gc-p Ruijie rg-es224gc Firmware Ruijie rg-es209gc-p Firmware Ruijie rg-es228gs-p Firmware Ruijie rg-nis2100-4gt2sfp-hp Ruijie rg-es224gc Ruijie rg-nis2100-8gt2sfp-hp Ruijie rg-es210gc-lp Firmware Ruijie rg-es216gc Ruijie rg-nis2100-8gt2sfp-hp Firmware Ruijie rg-es206mg-p Firmware Ruijie rg-es226gc-p Firmware Ruijie rg-es224gc-v2 Firmware Ruijie rg-es216gc-v2 Firmware Ruijie rg-es224gc-v2 Ruijie rg-es220gs-p Firmware Ruijie rg-es205gc-p Firmware Ruijie rg-es206gs-p Ruijie rg-es209gc-p Ruijie rg-es210gs-p Ruijie rg-es209mg-p Firmware Ruijie rg-es220gs-p Ruijie rg-es226gc-p Ruijie rg-es205gc-p Ruijie rg-es206mg-p Ruijie rg-es209mg-p Ruijie rg-es206gc-p Firmware Ruijie rg-nis2100-4gt2sfp-hp Firmware Ruijie rg-es205gc Ruijie rg-es208gc Ruijie rg-es208gc Firmware Ruijie rg-es216gc Firmware Ruijie rg-es216gc-v2 Ruijie Ruijie rg-es228gs-p Ruijie rg-es206gc-p |
|
References | () https://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.md - Third Party Advisory | |
CPE | cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es205gc:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es218gc-p:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-nis2100-8gt2sfp-hp:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es216gc-v2:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es210gc-lp:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es209mg-p:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es205gc-p:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es206gs-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es216gc:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es209gc-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es216gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es206mg-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-nis2100-8gt2sfp-hp_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es210gs-p:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es206gc-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es210gc-lp_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es208gc:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es220gs-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es224gc-v2:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-nis2100-4gt2sfp-hp_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es226gc-p:-:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es224gc:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-es228gs-p:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:h:ruijie:rg-nis2100-4gt2sfp-hp:-:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p39:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es224gc_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\(1\)b1p27:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es209mg-p_firmware:esw_1.0\(1\)b1p42_release\(12142711\):*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es206mg-p_firmware:esw_1.0\(1\)b1p42_release\(12142711\):*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\(1\)b1p35:*:*:*:*:*:*:* |
03 Sep 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-09-03 18:15
Updated : 2025-09-29 18:36
NVD link : CVE-2025-56752
Mitre link : CVE-2025-56752
CVE.ORG link : CVE-2025-56752
JSON object : View
Products Affected
ruijie
- rg-es206gs-p_firmware
- rg-es206mg-p
- rg-es210gs-p
- rg-es205gc-p
- rg-es228gs-p
- rg-nis2100-4gt2sfp-hp_firmware
- rg-es209mg-p
- rg-es206gs-p
- rg-nis2100-8gt2sfp-hp
- rg-es218gc-p_firmware
- rg-es220gs-p
- rg-es216gc_firmware
- rg-es228gs-p_firmware
- rg-es224gc-v2
- rg-es209gc-p
- rg-es210gc-lp
- rg-es224gc
- rg-es205gc
- rg-es209mg-p_firmware
- rg-es210gc-lp_firmware
- rg-es205gc_firmware
- rg-es206gc-p_firmware
- rg-es206gc-p
- rg-nis2100-4gt2sfp-hp
- rg-es226gc-p
- rg-es205gc-p_firmware
- rg-es210gs-p_firmware
- rg-es208gc_firmware
- rg-nis2100-8gt2sfp-hp_firmware
- rg-es216gc
- rg-es208gc
- rg-es224gc_firmware
- rg-es226gc-p_firmware
- rg-es220gs-p_firmware
- rg-es218gc-p
- rg-es209gc-p_firmware
- rg-es224gc-v2_firmware
- rg-es206mg-p_firmware
- rg-es216gc-v2
- rg-es216gc-v2_firmware
CWE
CWE-287
Improper Authentication