Home

Description

An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

PUBLISHED Reserved 2025-04-15 | Published 2025-07-02 | Updated 2025-11-13 | Assigner VulnCheck




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Default status
unaffected

Any version
affected

References

www.seebug.org/vuldb/ssvid-89107 exploit

vulners.com/seebug/SSV:89107 exploit

vulncheck.com/...router-administrative-credential-disclosure third-party-advisory

cve.org (CVE-2025-34057)

nvd.nist.gov (CVE-2025-34057)

Download JSON