cbcvebase.
CVE-2025-56752
published 2025-09-03

CVE-2025-56752: A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them…

PriorityP267critical9.4CVSS 3.1
AVNACLPRNUINSUCHILAH
EPSS
0.50%
38.8th percentile
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via crafted HTTP POST request to /user.cgi.

Affected

45 ranges· showing 25
VendorProductVersion rangeFixed in
msrcazl3_kernel_6.6.57.1-7_on_azure_linux_3.0
msrcazl3_kernel_6.6.64.2-1_on_azure_linux_3.0
ruijierg-es205gc-p_firmware
ruijierg-es205gc-p_firmware
ruijierg-es205gc-p_firmware
ruijierg-es205gc_firmware
ruijierg-es205gc_firmware
ruijierg-es205gc_firmware
ruijierg-es206gc-p_firmware
ruijierg-es206gc-p_firmware
ruijierg-es206gs-p_firmware
ruijierg-es206gs-p_firmware
ruijierg-es206gs-p_firmware
ruijierg-es206mg-p_firmware
ruijierg-es208gc_firmware
ruijierg-es208gc_firmware
ruijierg-es208gc_firmware
ruijierg-es209gc-p_firmware
ruijierg-es209gc-p_firmware
ruijierg-es209gc-p_firmware
ruijierg-es209mg-p_firmware
ruijierg-es210gc-lp_firmware
ruijierg-es210gs-p_firmware
ruijierg-es210gs-p_firmware
ruijierg-es210gs-p_firmware

CVSS provenance

nvdv3.19.4CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.