110 matches found
CommScope Ruckus Unleashed 安全漏洞
CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in versions prior to CommScope Ruckus Unleashed 200.15.6.12.304, which originates from the disclosure of the administrator password from the management endpoint and could lead to credential recover...
CVE-2025-46117
CVE-2025-46117 affects CommScope Ruckus Unleashed (versions prior to 200.15.6.212.14 and 200.17.7.0.139) and Ruckus ZoneDirector (prior to 10.5.1.0.279). The root cause is improper sanitization of inputs to a hidden debug script (.ap_debug.sh) invoked from the restricted CLI, allowing an authenti...
CVE-2025-46121
The CVE-2025-46121 affects CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139. The flaw arises in stamgr_cfg_adpt_addStaFavourite and stamgr_cfg_adpt_addStaIot that pass a client hostname directly to snprintf as the format string, enabling unauthenticated format-string process...
CVE-2025-46123
CVE-2025-46123 affects CommScope Ruckus Unleashed (versions before 200.15.6.212.14 and 200.17.7.0.139) and Ruckus ZoneDirector (before 10.5.1.0.279). The issue arises from an authenticated configuration endpoint (/admin/_conf.jsp) that writes the Wi‑Fi guest password to memory using snprintf with...
CVE-2025-46122
The CVE-2025-46122 vulnerability affects CommScope Ruckus Unleashed: versions prior to 200.15.6.212.14 and 200.17.7.0.139 are affected. The authenticated diagnostics API endpoint /admin/_cmdstat.jsp accepts attacker-controlled input without sufficient validation, allowing a remote attacker to spe...
CVE-2021-33219
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...
CVE-2021-33220
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...
CVE-2021-33216
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account...
CVE-2021-33221
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints...
📄 CommScope Ruckus IoT Controller 1.7.1.0 Backdoor Account
CommScope Ruckus IoT Controller version 1.7.1.0 has an undocumented backdoor account. Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage:...
CVE-2021-33219
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...
CVE-2021-33220
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...
CVE-2021-33219
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...
CVE-2021-33220
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist...
CVE-2021-33218
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...
CVE-2021-33215
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal...
CVE-2021-33216
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account...
CVE-2021-33215
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal...
Directory traversal
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal...
Hardcoded credentials
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access...