CVE-2025-56752 (GCVE-0-2025-56752)
Vulnerability from cvelistv5
Published
2025-09-03 00:00
Modified
2025-09-03 17:48
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
CWE
  • n/a
Summary
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.
References
cve@mitre.orghttps://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.mdThird Party Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.4,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-56752",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-03T17:46:52.356637Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-287",
                "description": "CWE-287 Improper Authentication",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-03T17:48:21.937Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-03T17:25:46.964Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-56752",
    "datePublished": "2025-09-03T00:00:00.000Z",
    "dateReserved": "2025-08-17T00:00:00.000Z",
    "dateUpdated": "2025-09-03T17:48:21.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-56752\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-09-03T18:15:35.363\",\"lastModified\":\"2025-09-29T18:36:43.327\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H\",\"baseScore\":9.4,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D708F42-A120-4A71-9389-5D68BAF04727\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADD7EEBE-A25C-42EB-AA73-1C0041AB240F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es228gs-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D708A493-DF38-4FFA-95D6-FAEDA7479E2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es228gs-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C31BD606-FB2F-45E9-87E8-FD53E9CF15B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AC3740-D80C-493C-BDF0-C4E4A6FF2E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62ABA97C-C04A-4930-ABEB-43330A86D201\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es209gc-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82812FEE-CE7A-49A3-AD3E-9919F3C5F448\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es209gc-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7C512E6-67F8-4028-91D0-6C1910676D28\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84308992-2616-4D29-A62C-A28336E7C871\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25C15EFD-A9C8-4C47-A32D-59751641938B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F1AD063-70A0-4A00-8D1C-13189E2B2DF3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es205gc-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"992A03B3-0579-4D09-AB8C-9A8DF5CE02C2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"032079BC-1CD8-4FE6-A4BD-B64F0A5232DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7770AD1B-310F-4132-9034-702CC17DAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es205gc_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"427C1686-648D-41B8-A678-20A7A9AD3A1C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es205gc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F4DBB7-A07E-49A3-B646-3BC0A2E3CBAD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77194D9D-D468-4AE3-A0DE-E3A50325D6E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"486C8ACB-1E82-48DD-A300-787ED04A58FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es208gc_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D556E02D-41A0-423F-BE28-A901C851D845\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es208gc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32561419-E54D-457A-93A6-9D7021DA32E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77FE617E-328A-411E-93E8-76A231F49332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA168A71-6BC7-4446-81C1-4B689E17A3C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206gs-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED24FA92-6D9E-4F27-B811-358FC72AEF0E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es206gs-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AFDB262-B8B6-4C86-9F2B-7CB4A80DAD60\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C643C188-1F3B-447A-94BC-70DCC7F877F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B000C3AF-8C0C-491C-A24C-654812C16A39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es210gs-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71A327AD-F318-487B-B29F-247B7E6FE923\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es210gs-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC0CF7D-AC5D-4636-A5A5-0F2C9CAC1AB3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87825E8C-298B-44A8-8703-A3CC74CC3A39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es218gc-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B9E77C-85B7-477A-8832-9B1A4C092965\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es218gc-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3290DDF-7AE6-4180-AFB5-B1CD426CE667\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92920C98-079A-4A36-8463-247035BF9AF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es226gc-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DE5AF7-2B85-45B0-853F-AFD246A99F20\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es226gc-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE000134-F3A7-48A0-9804-05E093471B19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"006B05FD-15BB-4EF9-AB3B-1E7047D797BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206gc-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDB31255-22B1-4456-A73C-9ED40033BE71\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es206gc-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3C6EBBF-062D-486F-B728-5546E30032EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es216gc_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E96C4E27-2199-4264-8279-F05419DC1E61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es216gc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3535A8DE-B573-4615-A356-0F38589B29E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es224gc_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14FC2F4C-D697-4AA7-8371-3BB6CAED0013\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es224gc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47D958EE-E4F6-4CA1-B651-A657AFB27903\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es210gc-lp_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F216AF6C-FF8A-4AC7-A863-594AF656833E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es210gc-lp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC04D700-F6C2-4A88-B5BF-0768BF016546\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es206mg-p_firmware:esw_1.0\\\\(1\\\\)b1p42_release\\\\(12142711\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FDF4A2-1A03-45FA-B1EF-AEB56A8FA44D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es206mg-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49B4F98D-AB74-4D2C-81C3-08973EA0339D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es209mg-p_firmware:esw_1.0\\\\(1\\\\)b1p42_release\\\\(12142711\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDBD1BAD-E228-4EC9-8ADB-4BB26DAC3C74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es209mg-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D186AC64-AA11-4D20-9C91-0C3327B59295\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-nis2100-8gt2sfp-hp_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AFEE7E5-A87F-4420-94CE-63C35857E242\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-nis2100-8gt2sfp-hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BDBCED-BFAF-4532-9CA6-14DC05303789\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-nis2100-4gt2sfp-hp_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8881A4-9562-4ECF-B39B-3AA3A93CCAF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-nis2100-4gt2sfp-hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F590ACA6-0E84-4226-B7AD-52C277D0DF22\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9122AA60-499F-474A-B3B5-80B544090235\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"971F6B6E-21D3-4B5D-8420-B1FDE0EE0562\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es216gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D94FBE5B-41B1-41E6-9FFE-088B192C9441\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es216gc-v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85F030B6-500E-4D90-8392-98CC37B388C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00B46A53-AF82-453A-9BE5-E033BA8F595A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"874CDB78-2D42-4172-8D05-EEC7918480A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es224gc-v2_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07561CF-49FD-4AF1-9D29-D891B86D6148\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es224gc-v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC651E10-BFE5-4D65-A85F-45237BC9B30D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\\\\(1\\\\)b1p27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E54627D-DC55-42B1-83FB-11D9DEDE3404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\\\\(1\\\\)b1p35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A44BFD2D-DCE2-4E69-915F-87B60DCA3115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijie:rg-es220gs-p_firmware:esw_1.0\\\\(1\\\\)b1p39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA27365-8987-4982-A4C1-DFC18386F3F6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ruijie:rg-es220gs-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67CE5E16-D96D-409D-9389-8BB2E7F908B7\"}]}]}],\"references\":[{\"url\":\"https://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-56752\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-03T17:46:52.356637Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-03T17:47:36.191Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/TNCX-byte/Vulnerability_Research/blob/main/CVE-2025-56752/README.md\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-09-03T17:25:46.964Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-56752\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-03T17:48:21.937Z\", \"dateReserved\": \"2025-08-17T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-09-03T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.