21 matches found
EUVD-2025-22106
Malicious code in bioql PyPI...
EUVD-2025-22090
Malicious code in bioql PyPI...
CVE-2025-46119
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...
CVE-2025-46119
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...
CVE-2025-46122
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...
CVE-2025-46116
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...
CommScope Ruckus Unleashed 安全漏洞
CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139, which stems from improper handling of format strings and could lead to arbitrary code execution...
CVE-2025-46122
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...
PT-2025-30282 · Commscope · Ruckus Zonedirector +1
Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.14.6.1.203 CommScope Ruckus ZoneDirector affected versions not specified Description: A path-traversal flaw exists in the web interface. This flaw allows the server to execute attacker-supplied...
PT-2025-30278 · Commscope · Ruckus Zonedirector +1
Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139 CommScope Ruckus ZoneDirector versions prior to 10.5.1.0.279 Description: An authenticated attacker can disable the passphrase requirement for a hidden CLI comman...
PT-2025-30279 · Commscope · Ruckus Zonedirector +1
Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139 CommScope Ruckus ZoneDirector versions prior to 10.5.1.0.279 Description: A hidden debug script .ap debug.sh invoked from the restricted command-line interface do...
PT-2025-30281 · Commscope · Ruckus Unleashed
Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.12.304 CommScope Ruckus Unleashed versions prior to 200.18.7.1.302 Description: An authenticated request to the management endpoint /admin/ cmdstat.jsp discloses the administrator password...
CVE-2025-46122
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...
PT-2025-30283 · Commscope · Ruckus Unleashed
Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 CommScope Ruckus Unleashed versions prior to 200.17.7.0.139 Description: An issue exists where the functions stamgr cfg adpt addStaFavourite and stamgr cfg adpt addStaIot improperly...
CVE-2025-46119
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...
CommScope Ruckus Unleashed 安全漏洞
The CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14, 200.17.7.0.139, and Ruckus ZoneDirector versions prior to 10.5.1.0.279, which stems from a password requirement that can be...
CommScope Ruckus Unleashed 安全漏洞
CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in versions prior to CommScope Ruckus Unleashed 200.15.6.12.304, which originates from the disclosure of the administrator password from the management endpoint and could lead to credential recover...
CommScope Ruckus Unleashed 安全漏洞
The CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14, 200.17.7.0.139, and Ruckus ZoneDirector versions prior to 10.5.1.0.279, which stems from improperly cleaned inputs to hidden deb...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...