Ruijie RG-EG1000C
Easy fix2 remedies
cpe:2.3:h:ruijie:rg-eg1000c:*:*:*:*:*:*:*, +1 more
Easy fix2 remedies
- >= 11.1(6)B9P1, < 11.9(4)B12P1
Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
Ruijie Gateway EG and NBR Models Code Execution Vulnerability in EWEB Management System
Vulnerability
Exploited
Patched
A remote code execution vulnerability has been identified in the EWEB management system of various Ruijie Gateway EG and NBR router models. This vulnerability affects firmware versions 11.1(6)B9P1 prior to 11.9(4)B12P1. The issue arises when certain front-end functionalities, such as guest authentication, local server authentication, or screen mirroring, are enabled. Under these conditions, attackers can exploit the vulnerability to gain unauthorized access or execute commands on the affected devices.
Impact
Exploitation of this vulnerability allows attackers to execute arbitrary code on the affected devices, potentially leading to unauthorized access and control over the device.
Remediation
Users are advised to upgrade to Ruijie firmware version 11.9(4)B12P1 or later. For NBR series routers, version 11.9(4)B12P3 is recommended. After upgrading, it is also suggested to modify Web management, VPN, SSH, and TELNET passwords. For guidance on the upgrade process, visit the Ruijie Networks official website.
Added: Nov 7, 2025, 10:22 PM
Updated: Nov 7, 2025, 10:22 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
7.5remediation
8.3relevance
0.9threat
8.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.