Vulnerability Description
An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.
Related Weaknesses (CWE)
References
- https://vulncheck.com/advisories/ruijie-nbr-router-administrative-credential-dis
- https://vulners.com/seebug/SSV:89107
- https://www.seebug.org/vuldb/ssvid-89107
FAQ
What is CVE-2025-34057?
CVE-2025-34057 is a documented vulnerability. An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST req...
How severe is CVE-2025-34057?
CVSS scoring is not yet available for CVE-2025-34057. Check NVD for updates.
Is there a patch for CVE-2025-34057?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.