Search

Find a vulnerability

Search criteria

    1 vulnerability found for RG-EST300 by Ruijie Networks

    JVNDB-2025-000087

    Vulnerability from jvndb - Published: 2025-10-16 14:19 - Updated:2025-10-16 14:19
    Severity
    Summary
    Ruijie Networks RG-EST300 undocumented SSH functionality
    Details
    RG-EST300 provided by Ruijie Networks provides SSH server functionality. It is not documented in the manual, and enabled in the initial configuration.
    • Hidden functionality (CWE-912) - CVE-2025-58778
    Ryu Kuki, Iwaki Miyamoto, Takayuki Sasaki, Katsunari Yoshioka of Yokohama National University reported this vulnerability to the developer and coordinated. After the coordination was completed, they reported the case to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000087.html",
      "dc:date": "2025-10-16T14:19+09:00",
      "dcterms:issued": "2025-10-16T14:19+09:00",
      "dcterms:modified": "2025-10-16T14:19+09:00",
      "description": "RG-EST300 provided by Ruijie Networks provides SSH server functionality. It is not documented in the manual, and enabled in the initial configuration.\r\n\u003cul\u003e\u003cli\u003eHidden functionality (CWE-912) - CVE-2025-58778\u003c/li\u003e\u003c/ul\u003e\r\nRyu Kuki, Iwaki Miyamoto, Takayuki Sasaki, Katsunari Yoshioka of Yokohama National University reported this vulnerability to the developer and coordinated. After the coordination was completed, they reported the case to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000087.html",
      "sec:cpe": {
        "#text": "cpe:/o:ruijie:rg-est300",
        "@product": "RG-EST300",
        "@vendor": "Ruijie Networks",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.2",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-000087",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN72648885/index.html",
          "@id": "JVN#72648885",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58778",
          "@id": "CVE-2025-58778",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Ruijie Networks RG-EST300 undocumented SSH functionality"
    }