CVE-2025-34057

Ruijie NBR Router Administrative Credential Disclosure

Basic Information

CVE State: PUBLISHED
Reserved Date: April 15, 2025
Published Date: July 02, 2025
Last Updated: November 13, 2025
Vendor: Ruijie
Product: NBR Router
Description
An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

CVSS Scores

CVSS v4.0

8.7 - HIGH

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

SSVC Information

Exploitation: poc
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (2026-01-10 00:00:00 UTC)

Known Exploited Vulnerability Information

Source: The Shadowserver (via CIRCL)
Added Date: 2026-01-10 00:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel