CVE-2025-34057

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-34057
CVSS

No CVSS.

A

n information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

References
Link Resource
https://vulncheck.com/advisories/ruijie-nbr-router-administrative-credential-disclosure
https://vulners.com/seebug/SSV:89107
https://www.seebug.org/vuldb/ssvid-89107
Configurations

No configuration.

History

13 Nov 2025, 20:15

Type Values Removed Values Added
Summary (en) An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. (en) An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.
CWE CWE-200

03 Jul 2025, 15:13

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de divulgación de información en Ruijie NBR series routers (que se sabe que afecta a los modelos NBR2000G, NBR1300G y NBR1000) a través del endpoint /WEB_VMS/LEVEL15/. Al manipular una solicitud POST específica con encabezados de cookie modificados y parámetros con un formato especial, un atacante no autenticado puede obtener las credenciales de la cuenta administrativa en texto plano. Esta falla permite la divulgación directa de datos confidenciales del usuario debido a comprobaciones de autenticación incorrectas y una lógica de backend insegura.

02 Jul 2025, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-02 14:15

Updated : 2025-11-13 20:15

NVD link : CVE-2025-34057

Mitre link : CVE-2025-34057

CVE.ORG link : CVE-2025-34057

JSON object : View

Products Affected

No product.

CWE
CWE-306

Missing Authentication for Critical Function