Critical severityNVD Advisory· Published Nov 7, 2025· Updated Apr 15, 2026
CVE-2020-36870
CVE-2020-36870
Description
Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server authentication, or screen mirroring are enabled to gain access or execute commands on affected devices. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-02-05 UTC.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 11.1(6)B9P1 < 11.9(4)B12P1
- Range: 11.1(6)B9P1 < 11.9(4)B12P1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.