9.2
CVE-2020-36870
- EPSS 0.18%
- Veröffentlicht 07.11.2025 21:52:55
- Zuletzt bearbeitet 20.11.2025 22:15:53
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server authentication, or screen mirroring are enabled to gain access or execute commands on affected devices. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-02-05 UTC.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG1000C
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000F
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000K
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000L
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000CE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000SE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000GE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000XE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2000UE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000CE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000SE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000GE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000ME
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000UE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG3000XE
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
RG-EG2100-P
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
EG3210
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
EG3220
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
EG3230
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
EG3250
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR108G-P
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR1000G-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR1300G-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR1700G-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR2100G-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR2500D-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR3000D-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR6120-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR6135-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR6205-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR6210-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR6215-E
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR800G
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR950G
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR1000G-C
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR2000G-C
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
HerstellerBeijing Star-Net Ruijie Network Technology Co., Ltd.
≫
Produkt
NBR3000G-S
Default Statusunaffected
Version <
11.9(4)B12P1
Version
11.1(6)B9P1
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.396 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| disclosure@vulncheck.com | 9.2 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.