Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account

Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage: https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf Affected Product: Ruckus IoT Controller Version: 1.7.1.0 and...

📄 CommScope Ruckus IoT Controller 1.7.1.0 Backdoor Account

CommScope Ruckus IoT Controller version 1.7.1.0 has an undocumented backdoor account. Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage:...

SUSE-SU-2025:20022-1 Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs bsc1227525 - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs bsc1220356 Added: - CommScope Public Trust ECC Root-0...

CLSA-2024-1730915716 Update of nss

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "OISTE WISeKey Global Root GC CA" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of...

CLSA-2024-1707379599 Update of alt-php

Update ca-certificates database to 20231207: - mozilla/certdata.txt,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.64. - The following certificates authorities were added: Certificate "Atos TrustedRoot Root CA ECC G2 2020" Certificate "Atos TrustedRoot Root CA ECC TLS 202...

CLSA-2024-1705945513 Update of ca-certificates

update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

Update of ca-certificates

update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

CLSA-2024-1705941583 Update of ca-certificates

Update to CKBI 2.64 from NSS 3.95 - Updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" -...

CLSA-2024-1705940980 Update of ca-certificates

Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "Chambers of Commerce Root - 2008" - Certificate "E-Tugra Certification Authority" - Certificate "Global Chambersign Root - 2008" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

JVN#45891816: Ruckus Access Point vulnerable to cross-site scripting

Ruckus Access Point provided by CommScope, Inc. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in the product. Solution Update the Software Update the software to the latest version according to the...

CommScope AP Solo, SmartZone, ZoneDirector Cross-Site Scripting Vulnerabilities

CommScope AP Solo is a series of wireless access points from CommScope, Inc. A security vulnerability exists in CommScope AP Solo, SmartZone, and ZoneDirector. An attacker could exploit the vulnerability to execute arbitrary scripts on a user's web browser...

CVE-2023-27572

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

CVE-2023-27572

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

Cross site scripting

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

CVE-2023-27572

CVE-2023-27572 concerns the CommScope Arris DG3450 Cable Gateway (AR01.02.056.18_041520_711.NCS.10). A reflected XSS vulnerability exists in the https_redirect.php page exposed via the page parameter. Affected component is the web page handling user input; under the provided data the CVSS base me...

CVE-2023-27572

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Date: 17/11/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost =...

Arris Router Firmware 9.1.103 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost = "http://192.168.0....

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Arris DG3450 Cable Gateway vulnerable version: AR01.02.056.18041520711.NCS.10 fixed version: - CVE number: CVE-2023-27571, CVE-2023-2757...

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication Vulnerabilities

Arris DG3450 cable gateway version AR01.02.056.18041520711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities. ======================================================================= title: Multiple Vulnerabilities product: Arris DG3450 Cable Gateway vulnerable...