← back
CVE-2025-58778

CVE-2025-58778

CVSS 8.6 HIGHEPSS 0.5%CWE-912
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.6EPSS 0.5%KEV nãoPoC Patch
Lifecycle
16 Oct 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure, altering the system configurations, or causing a denial of service (DoS) condition.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Ruijie Networks Co., Ltd. · RG-EST300

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN72648885/https://www.ruijie.com.cn/gy/xw-aqtg-gw/929848/https://www.ruijie.com/en-global/support/productLifecycle