Lucene search
K

178 matches found

Cvelist
Cvelist
added 2025/07/21 12:0 a.m.22 views

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

0.00484EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.3 views

CVE-2025-46119

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...

6.4AI score0.00348EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.18 views

CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .apdebug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to...

0.00805EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.3 views

PT-2025-30281 · Commscope · Ruckus Unleashed

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.12.304 CommScope Ruckus Unleashed versions prior to 200.18.7.1.302 Description: An authenticated request to the management endpoint /admin/ cmdstat.jsp discloses the administrator password...

6.3CVSS6.4AI score0.00348EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.6 views

PT-2025-30280 · Commscope · Ruckus Zonedirector +1

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139 CommScope Ruckus ZoneDirector versions prior to 10.5.1.0.279 Description: An issue was discovered where hard-coded credentials for the ftpuser account provide FTP...

5.3CVSS6.6AI score0.00501EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.8 views

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

7.1AI score0.00501EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.12 views

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...

0.01246EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.6 views

CommScope Ruckus Unleashed 安全漏洞

The CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14, 200.17.7.0.139, and Ruckus ZoneDirector versions prior to 10.5.1.0.279, which stems from hard-coded credentials and could lead t...

5.3CVSS6.6AI score0.00501EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.4 views

CommScope多款产品 安全漏洞

CommScope Ruckus Unleashed and CommScope Ruckus ZoneDirector are both wireless routers from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14, 200.17.7.0.139, and Ruckus ZoneDirector versions prior to 10.5.1.0.279, which stems from...

7.2CVSS7.8AI score0.01091EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.30 views

CVE-2025-46122

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint /admin/cmdstat.jsp passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to specify a target by MAC...

0.0112EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.8 views

PT-2025-30283 · Commscope · Ruckus Unleashed

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 CommScope Ruckus Unleashed versions prior to 200.17.7.0.139 Description: An issue exists where the functions stamgr cfg adpt addStaFavourite and stamgr cfg adpt addStaIot improperly...

9.8CVSS7.1AI score0.01246EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.5 views

PT-2025-30278 · Commscope · Ruckus Zonedirector +1

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139 CommScope Ruckus ZoneDirector versions prior to 10.5.1.0.279 Description: An authenticated attacker can disable the passphrase requirement for a hidden CLI comman...

8.8CVSS6.4AI score0.00484EPSS
Exploits1References9
CVE
CVE
added 2025/07/21 12:0 a.m.27 views

CVE-2025-46117

CVE-2025-46117 affects CommScope Ruckus Unleashed (versions prior to 200.15.6.212.14 and 200.17.7.0.139) and Ruckus ZoneDirector (prior to 10.5.1.0.279). The root cause is improper sanitization of inputs to a hidden debug script (.ap_debug.sh) invoked from the restricted CLI, allowing an authenti...

9.1CVSS7.3AI score0.00805EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.4 views

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...

7.4AI score0.01246EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.3 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

8AI score0.00998EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.8 views

CVE-2025-46119

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint /admin/cmdstat.jsp discloses the administrator password in a trivially reversible obfuscat...

0.00348EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.4 views

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

7.1AI score0.00484EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/21 12:0 a.m.11 views

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

0.00501EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.5 views

PT-2025-30285 · Commscope · Ruckus Unleashed +1

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus Unleashed versions prior to 200.15.6.212.14 and 200.17.7.0.139 CommScope Ruckus ZoneDirector versions prior to 10.5.1.0.279 Description: An issue exists where the authenticated configuration endpoint /admin/ conf.jsp writes t...

7.2CVSS7.3AI score0.01091EPSS
Exploits1References8
CVE
CVE
added 2025/07/21 12:0 a.m.30 views

CVE-2025-46120

The CVE-2025-46120 entry affects CommScope Ruckus Unleashed (before 200.15.6.212.27 and 200.18.7.1.323) and Ruckus ZoneDirector (before 10.5.1.0.282). A path-traversal flaw in the web interface allows an attacker who can upload a template (e.g., via FTP) to have the server execute attacker-suppli...

9.8CVSS7.3AI score0.00998EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder