← Back

Eg 2000se Firmware

eg-2000se_firmware

Vendor: Ruijie • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-16641
1Ruijie
1Eg 2000se Firmware
Jul 9, 2025
Jul 16, 2024
N/A· v4
8.4 HIGH· v3
N/A· v2
An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000S...Show more
An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1.Show less
CVE-2019-16640
1Ruijie
1Eg 2000se Firmware
Jul 9, 2025
Jul 16, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled (%00 and /var/./html are not checked), which can allow an attacker to upload any file to the...Show more
An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled (%00 and /var/./html are not checked), which can allow an attacker to upload any file to the gateway. This affects EG-2000SE EG_RGOS 11.9 B11P1.Show less
CVE-2019-16639
1Ruijie
1Eg 2000se Firmware
Jul 9, 2025
Jul 16, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET commands and/or show admi...Show more
An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET commands and/or show admin passwords via the mode_url=exec&command= substring. This affects EG-2000SE EG_RGOS 11.9 B11P1.Show less
CVE-2019-16638
1Ruijie
1Eg 2000se Firmware
Mar 18, 2025
Jul 16, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EG_RGOS 11.1(1)B1.