HIGH
Ruijienetworks
CVE published 2026-01-29
CVE-2020-37015
A directory traversal vulnerability in Ruijie Networks Switch eWeb S29_RGOS 11.4 allows unauthenticated attackers to access sensitive configuration files via the /download.do endpoint. The vulnerability was disclosed in January 2026 and last modified in May 2026. The CVSS 4.0 vector indicates network attack vector with low attack complexity, low privileges required, and high confidentiality impact to the [truncated]