Lucene search
K

178 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2025-22091

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00501EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-28570

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0068EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.9 views

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...

9.8CVSS8.2AI score0.01246EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.10 views

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

8.8CVSS7.2AI score0.00484EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.10 views

CVE-2025-46123

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint /admin/conf.jsp writes the Wi-Fi guest password to memory with snprintf using the attacker-supplied...

7.2CVSS8.1AI score0.01091EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.11 views

CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .apdebug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to...

9.1CVSS7.8AI score0.00805EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.12 views

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

5.3CVSS7.2AI score0.00501EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.11 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

9.8CVSS8.1AI score0.00998EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.15 views

CVE-2025-46119

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...

6.3CVSS7.2AI score0.00348EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.19 views

CVE-2025-46122

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...

9.1CVSS7.9AI score0.0112EPSS
Exploits1References1
NVD
NVD
added 2025/07/21 3:15 p.m.8 views

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...

9.8CVSS0.01246EPSS
Exploits1References2
NVD
NVD
added 2025/07/21 3:15 p.m.19 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

9.8CVSS0.00998EPSS
Exploits1References2
NVD
NVD
added 2025/07/21 3:15 p.m.6 views

CVE-2025-46119

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...

6.3CVSS0.00348EPSS
Exploits1References2
NVD
NVD
added 2025/07/21 3:15 p.m.31 views

CVE-2025-46122

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...

9.1CVSS0.0112EPSS
Exploits1References2
OSV
OSV
added 2025/07/21 3:15 p.m.6 views

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

8.8CVSS5.8AI score0.00484EPSS
Exploits1References2
NVD
NVD
added 2025/07/21 3:15 p.m.17 views

CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .apdebug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to...

9.1CVSS0.00805EPSS
Exploits1References2
NVD
NVD
added 2025/07/21 3:15 p.m.15 views

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

8.8CVSS0.00484EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.4 views

CVE-2025-46122

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...

7.8AI score0.0112EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.3 views

CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .apdebug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to...

7.2AI score0.00805EPSS
Exploits1References2
CVE
CVE
added 2025/07/21 12:0 a.m.27 views

CVE-2025-46118

CVE-2025-46118 affects CommScope Ruckus Unleashed pre-200.15.6.212.14 and pre-200.17.7.0.139, and Ruckus ZoneDirector pre-10.5.1.0.279, due to hard-coded ftpuser credentials that grant FTP access to the controller. This allows a remote attacker to upload or retrieve arbitrary files from writable ...

5.3CVSS6.6AI score0.00501EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder