CVE-2020-36870

critical

Description

Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server authentication, or screen mirroring are enabled to gain access or execute commands on affected devices. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-06-07 UTC.

References

https://www.vulncheck.com/advisories/ruijie-networks-eg-and-nbr-series-routers-rce

https://www.ruijie.com.cn/gy/xw-aqtg-zw/85638/

https://www.ruijie.com.cn/gy/xw-aqtg-gw/86747/

https://www.cnvd.org.cn/flaw/show/CNVD-2021-09650

Details

Source: Mitre, NVD

Published: 2025-11-07

Updated: 2025-11-12

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 9.2

Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: Critical

EPSS

EPSS: 0.0011