{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000087.html",
  "dc:date": "2025-10-16T14:19+09:00",
  "dcterms:issued": "2025-10-16T14:19+09:00",
  "dcterms:modified": "2025-10-16T14:19+09:00",
  "description": "RG-EST300 provided by Ruijie Networks provides SSH server functionality. It is not documented in the manual, and enabled in the initial configuration.\r\n\u003cul\u003e\u003cli\u003eHidden functionality (CWE-912) - CVE-2025-58778\u003c/li\u003e\u003c/ul\u003e\r\nRyu Kuki, Iwaki Miyamoto, Takayuki Sasaki, Katsunari Yoshioka of Yokohama National University reported this vulnerability to the developer and coordinated. After the coordination was completed, they reported the case to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000087.html",
  "sec:cpe": {
    "#text": "cpe:/o:ruijie:rg-est300",
    "@product": "RG-EST300",
    "@vendor": "Ruijie Networks",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.2",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2025-000087",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN72648885/index.html",
      "@id": "JVN#72648885",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58778",
      "@id": "CVE-2025-58778",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Ruijie Networks RG-EST300 undocumented SSH functionality"
}