Compare Products

Hide

Clear All

VS

Home > Security Bulletins >Vulnerability in Some Ruijie Reyee RG-ES Series Allows Unauthorized Password Modification

Vulnerability in Some Ruijie Reyee RG-ES Series Allows Unauthorized Password Modification

Published on: July 25, 2025

Last Updated on: July 25, 2025

1. Summary

A vulnerability that allows unauthorized password modification exists in some Ruijie Reyee RG-ES series. Attackers can exploit this vulnerability to modify the device's eWeb login password. [Vulnerability ID: RJPSIRT-2025-07090]

2. Software Versions and Fixes

Product Series	Affected Product	Affected Version	Repair Version
RG-ES series	RG-ES216GC-V2, RG-ES224GC-V2, RG-ES220GS-P, RG-ES228GS-P, RG-ES209GC-P, RG-ES205GC-P, RG-ES205GC, RG-ES208GC, RG-ES206GS-P, RG-ES210GS-P	ESW_1.0(1)B1P39 ESW_1.0(1)B1P35 ESW_1.0(1)B1P27	ESW_1.0(1)B1P48 or later
	RG-ES218GC-P, RG-ES226GC-P, RG-ES206GC-P	ESW_1.0(1)B1P35 ESW_1.0(1)B1P27
	RG-ES216GC, RG-ES224GC, RG-ES210GC-LP	ESW_1.0(1)B1P27
RG-NIS series	RG-NIS2100-8GT2SFP-HP, RG-NIS2100-4GT2SFP-HP	ESW_1.0(1)B1P39	ESW_1.0(1)B1P48 or later

Obtaining the repair software:

1. The product that supports automatic updates will receive a system update prompt. You can install the update to fix the vulnerability.

2. Download it from the official Ruijie Networks website.

3. Contact local after-sales personnel to obtain it.

3. Vulnerability Scoring

Vulnerabilities are scored based on the CVSS v3.1 scoring system. For details, refer to: https://www.first.org/cvss/v3.1/specification-document.

Base Score: 9.4

CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

4. Temporary Fix

None

5. Source

This vulnerability was discovered by the Ruijie R&D team.

6. Revision History

Date	Revision History
2025-07-09	V1.0 initial release

7. Contact Us

Ruijie Networks adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deals with product security issues through our response mechanism.

To enjoy Ruijie Networks PSIRT services and obtain Ruijie Networks product vulnerability information, please visit https://www.ruijie.com/support/securityBulletins.

To report a security vulnerability in Ruijie Networks products and solutions, please send it to PSIRT@ruijie.com.cn. For details, please visit https://www.ruijie.com/support/securityBulletins/vulnerability_reporting.

You can contact us through the following channels:

1. Support: https://www.ruijie.com/support

2. Community: https://community.ruijie.com/portal.php

3. Live Chat: https://www.ruijie.com/rita

Vulnerability Response Mechanism

Ruijie PSIRT addresses the reported potential vulnerabilities in accordance with the vulnerability handling process. Learn More

Vulnerability Reporting

Security vulnerability reporters can submit potential security vulnerabilities to Ruijie PSIRT mailbox. Learn More

Ruijie Networks websites use cookies to deliver and improve the website experience.

See our cookie policy for further details on how we use cookies and how to change your cookie settings.

Cookie Manager

When you visit any website, the website will store or retrieve the information on your browser. This process is mostly in the form of cookies. Such information may involve your personal information, preferences or equipment, and is mainly used to enable the website to provide services in accordance with your expectations. Such information usually does not directly identify your personal information, but it can provide you with a more personalized network experience. We fully respect your privacy, so you can choose not to allow certain types of cookies. You only need to click on the names of different cookie categories to learn more and change the default settings. However, blocking certain types of cookies may affect your website experience and the services we can provide you.

Performance cookies

Through this type of cookie, we can count website visits and traffic sources in order to evaluate and improve the performance of our website. This type of cookie can also help us understand the popularity of the page and the activity of visitors on the site. All information collected by such cookies will be aggregated to ensure the anonymity of the information. If you do not allow such cookies, we will have no way of knowing when you visited our website, and we will not be able to monitor website performance.
Essential cookiesAlways Active

This type of cookie is necessary for the normal operation of the website and cannot be turned off in our system. Usually, they are only set for the actions you do, which are equivalent to service requests, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block or remind you of such cookies, but certain functions of the website will not be available. Such cookies do not store any personally identifiable information.

View Cookie Policy Details

Contact Us

How can we help you?

Contact Us

Get an Order help

Contact Us

Get a tech support

How to Buy

How to Buy

Get a Quote > Buy from Our Partner >

Technical Support

Technical Support

Live Chat > Community >

Get in Touch

Get in Touch

Contact Ruijie >