CVE-2025-58778 HIGH

CVE-2025-58778

Vendor Ruijie Networks Co., Ltd.
Product RG-EST300
Weakness CWE-912
Published October 16, 2025
Last update October 16, 2025

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure, altering the system configurations, or causing a denial of service (DoS) condition.

Key dates

02Disclosure timeline

October 16, 2025 CVE published
October 16, 2025 Record updated