Ruijie Gateway EG & NBR Models v11.1(6)B9P1 - 11.9(4)B12P1 RCE | Advisories

Advisories

Ruijie Gateway EG & NBR Models v11.1(6)B9P1 - 11.9(4)B12P1 RCE

severity: critical
date: November 7, 2025
Affecting: Firmware versions 11.1(6)B9P1 - 11.9(4)B12P1
CVE: CVE-2020-36870
CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSS: 9.2
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: Ruijie Networks Initial Disclosure
Ruijie Networks Exploitation Acknowledgement
CNVD-2021-09650
Shadowserver Exploitation Evidence
Description: Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server authentication, or screen mirroring are enabled to gain access or execute commands on affected devices. Exploitation evidence was observed by the Shadowserver Foundation on 2025-06-07 UTC.
VulnCheck KEV: This advisory is in the VulnCheck KEV database