Vulnerabilites related to commscope - ruckus_smartzone_firmware
CVE-2025-44961 (GCVE-0-2025-44961)
Vulnerability from cvelistv5
Published
2025-08-04 00:00
Modified
2025-08-05 14:43
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
References
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
https://claroty.com/team82/disclosure-dashboard/cve-2025-44961
Impacted products
Vendor Product Version
RUCKUS SmartZone Version: 0   < 6.1.2p3 Refresh Build
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-44961",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-05T14:42:39.227752Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-05T14:43:23.513Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SmartZone",
          "vendor": "RUCKUS",
          "versions": [
            {
              "lessThan": "6.1.2p3 Refresh Build",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T16:38:01.189Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/613753"
        },
        {
          "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
        },
        {
          "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44961"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-44961",
    "datePublished": "2025-08-04T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-08-05T14:43:23.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-44954 (GCVE-0-2025-44954)
Vulnerability from cvelistv5
Published
2025-08-04 00:00
Modified
2025-08-05 17:43
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-1394 - Use of Default Cryptographic Key
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
References
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
https://claroty.com/team82/disclosure-dashboard/cve-2025-44954
Impacted products
Vendor Product Version
RUCKUS SmartZone Version: 0   < 6.1.2p3 Refresh Build
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-44954",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-05T17:43:37.876639Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-05T17:43:44.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SmartZone",
          "vendor": "RUCKUS",
          "versions": [
            {
              "lessThan": "6.1.2p3 Refresh Build",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1394",
              "description": "CWE-1394 Use of Default Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T16:39:22.087Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/613753"
        },
        {
          "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
        },
        {
          "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44954"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-44954",
    "datePublished": "2025-08-04T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-08-05T17:43:44.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25717 (GCVE-0-2023-25717)
Vulnerability from cvelistv5
Published
2023-02-13 00:00
Modified
2025-07-30 01:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • n/a
Summary
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
References
https://support.ruckuswireless.com/security_bulletins/315
https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:32:11.415Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/315"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25717",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T15:06:32.335785Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-05-12",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-25717"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:31.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2023-05-12T00:00:00+00:00",
            "value": "CVE-2023-25717 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin\u0026password=password$(curl substring."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-13T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://support.ruckuswireless.com/security_bulletins/315"
        },
        {
          "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-25717",
    "datePublished": "2023-02-13T00:00:00.000Z",
    "dateReserved": "2023-02-13T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:37:31.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-44960 (GCVE-0-2025-44960)
Vulnerability from cvelistv5
Published
2025-08-04 00:00
Modified
2025-08-05 17:41
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
References
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
https://claroty.com/team82/disclosure-dashboard/cve-2025-44960
Impacted products
Vendor Product Version
RUCKUS SmartZone Version: 0   < 6.1.2p3 Refresh Build
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-44960",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-05T17:41:52.455557Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-05T17:41:58.260Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SmartZone",
          "vendor": "RUCKUS",
          "versions": [
            {
              "lessThan": "6.1.2p3 Refresh Build",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T16:41:52.359Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/613753"
        },
        {
          "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
        },
        {
          "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44960"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-44960",
    "datePublished": "2025-08-04T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-08-05T17:41:58.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-44957 (GCVE-0-2025-44957)
Vulnerability from cvelistv5
Published
2025-08-04 00:00
Modified
2025-08-05 17:42
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Summary
Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
References
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
https://claroty.com/team82/disclosure-dashboard/cve-2025-44957
Impacted products
Vendor Product Version
RUCKUS SmartZone Version: 0   < 6.1.2p3 Refresh Build
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-44957",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-05T17:42:35.737516Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-05T17:42:42.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SmartZone",
          "vendor": "RUCKUS",
          "versions": [
            {
              "lessThan": "6.1.2p3 Refresh Build",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T16:41:04.649Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/613753"
        },
        {
          "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
        },
        {
          "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44957"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-44957",
    "datePublished": "2025-08-04T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-08-05T17:42:42.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-44962 (GCVE-0-2025-44962)
Vulnerability from cvelistv5
Published
2025-08-04 00:00
Modified
2025-08-05 17:43
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CWE
  • CWE-24 - Path Traversal: '../filedir'
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.
References
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
https://claroty.com/team82/disclosure-dashboard/cve-2025-44962
Impacted products
Vendor Product Version
RUCKUS SmartZone Version: 0   < 6.1.2p3 Refresh Build
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-44962",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-05T17:43:13.507793Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-05T17:43:19.325Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SmartZone",
          "vendor": "RUCKUS",
          "versions": [
            {
              "lessThan": "6.1.2p3 Refresh Build",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-24",
              "description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T16:40:11.641Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/613753"
        },
        {
          "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
        },
        {
          "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44962"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-44962",
    "datePublished": "2025-08-04T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-08-05T17:43:19.325Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2025-08-04 17:15
Modified
2025-08-07 17:59
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
References
cve@mitre.orghttps://claroty.com/team82/disclosure-dashboard/cve-2025-44960Third Party Advisory
cve@mitre.orghttps://kb.cert.org/vuls/id/613753Third Party Advisory, US Government Resource
cve@mitre.orghttps://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24eVendor Advisory
Impacted products
Vendor Product Version
commscope ruckus_smartzone_firmware *
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 7.0.0
commscope ruckus_smartzone_firmware 7.1.0
commscope ruckus_virtual_smartzone -
commscope ruckus_virtual_smartzone-federal -
commscope ruckus_c110 -
commscope ruckus_e510 -
commscope ruckus_h320 -
commscope ruckus_h350 -
commscope ruckus_h510 -
commscope ruckus_m510 -
commscope ruckus_r320 -
commscope ruckus_r510 -
commscope ruckus_r560 -
commscope ruckus_r610 -
commscope ruckus_r710 -
commscope ruckus_r720 -
commscope ruckus_r730 -
commscope ruckus_r750 -
commscope ruckus_smartzone_100 -
commscope ruckus_smartzone_100-d -
commscope ruckus_smartzone_144 -
commscope ruckus_smartzone_144-federal -
commscope ruckus_smartzone_300 -
commscope ruckus_smartzone_300-federal -
commscope ruckus_t310c -
commscope ruckus_t310d -
commscope ruckus_t310n -
commscope ruckus_t310s -
commscope ruckus_t350se -
commscope ruckus_t750 -
commscope ruckus_t750se -
commscope ruckus_network_director *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427",
              "versionEndExcluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA45EF06-28C7-41D8-BBAC-671095FB29A5",
              "versionEndExcluding": "4.5.0.51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route."
    },
    {
      "lang": "es",
      "value": "La compilaci\u00f3n de actualizaci\u00f3n de RUCKUS SmartZone (SZ) anterior a la versi\u00f3n 6.1.2p3 permite la inyecci\u00f3n de comandos del sistema operativo a trav\u00e9s de un determinado par\u00e1metro en una ruta API."
    }
  ],
  "id": "CVE-2025-44960",
  "lastModified": "2025-08-07T17:59:12.387",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-04T17:15:30.050",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44960"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/613753"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2025-08-04 17:15
Modified
2025-08-07 17:55
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
References
cve@mitre.orghttps://claroty.com/team82/disclosure-dashboard/cve-2025-44954Third Party Advisory
cve@mitre.orghttps://kb.cert.org/vuls/id/613753Third Party Advisory, US Government Resource
cve@mitre.orghttps://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24eVendor Advisory
Impacted products
Vendor Product Version
commscope ruckus_smartzone_firmware *
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 7.0.0
commscope ruckus_smartzone_firmware 7.1.0
commscope ruckus_virtual_smartzone -
commscope ruckus_virtual_smartzone-federal -
commscope ruckus_c110 -
commscope ruckus_e510 -
commscope ruckus_h320 -
commscope ruckus_h350 -
commscope ruckus_h510 -
commscope ruckus_m510 -
commscope ruckus_r320 -
commscope ruckus_r510 -
commscope ruckus_r560 -
commscope ruckus_r610 -
commscope ruckus_r710 -
commscope ruckus_r720 -
commscope ruckus_r730 -
commscope ruckus_r750 -
commscope ruckus_smartzone_100 -
commscope ruckus_smartzone_100-d -
commscope ruckus_smartzone_144 -
commscope ruckus_smartzone_144-federal -
commscope ruckus_smartzone_300 -
commscope ruckus_smartzone_300-federal -
commscope ruckus_t310c -
commscope ruckus_t310d -
commscope ruckus_t310n -
commscope ruckus_t310s -
commscope ruckus_t350se -
commscope ruckus_t750 -
commscope ruckus_t750se -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427",
              "versionEndExcluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account."
    },
    {
      "lang": "es",
      "value": "RUCKUS SmartZone (SZ) anterior a la versi\u00f3n de actualizaci\u00f3n 6.1.2p3 tiene una clave privada SSH codificada para una cuenta de usuario equivalente a root."
    }
  ],
  "id": "CVE-2025-44954",
  "lastModified": "2025-08-07T17:55:17.870",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-04T17:15:29.507",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44954"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/613753"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1394"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2025-08-04 17:15
Modified
2025-08-07 17:59
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
References
cve@mitre.orghttps://claroty.com/team82/disclosure-dashboard/cve-2025-44961Third Party Advisory
cve@mitre.orghttps://kb.cert.org/vuls/id/613753Third Party Advisory, US Government Resource
cve@mitre.orghttps://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24eVendor Advisory
Impacted products
Vendor Product Version
commscope ruckus_smartzone_firmware *
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 7.0.0
commscope ruckus_smartzone_firmware 7.1.0
commscope ruckus_virtual_smartzone -
commscope ruckus_virtual_smartzone-federal -
commscope ruckus_c110 -
commscope ruckus_e510 -
commscope ruckus_h320 -
commscope ruckus_h350 -
commscope ruckus_h510 -
commscope ruckus_m510 -
commscope ruckus_r320 -
commscope ruckus_r510 -
commscope ruckus_r560 -
commscope ruckus_r610 -
commscope ruckus_r710 -
commscope ruckus_r720 -
commscope ruckus_r730 -
commscope ruckus_r750 -
commscope ruckus_smartzone_100 -
commscope ruckus_smartzone_100-d -
commscope ruckus_smartzone_144 -
commscope ruckus_smartzone_144-federal -
commscope ruckus_smartzone_300 -
commscope ruckus_smartzone_300-federal -
commscope ruckus_t310c -
commscope ruckus_t310d -
commscope ruckus_t310n -
commscope ruckus_t310s -
commscope ruckus_t350se -
commscope ruckus_t750 -
commscope ruckus_t750se -
commscope ruckus_network_director *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427",
              "versionEndExcluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA45EF06-28C7-41D8-BBAC-671095FB29A5",
              "versionEndExcluding": "4.5.0.51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user."
    },
    {
      "lang": "es",
      "value": "En RUCKUS SmartZone (SZ) anterior a la versi\u00f3n de actualizaci\u00f3n 6.1.2p3, la inyecci\u00f3n de comandos del sistema operativo puede ocurrir a trav\u00e9s de un campo de direcci\u00f3n IP proporcionado por un usuario autenticado."
    }
  ],
  "id": "CVE-2025-44961",
  "lastModified": "2025-08-07T17:59:15.927",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-04T17:15:30.210",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44961"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/613753"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2025-08-04 17:15
Modified
2025-08-07 17:59
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.
References
cve@mitre.orghttps://claroty.com/team82/disclosure-dashboard/cve-2025-44962Third Party Advisory
cve@mitre.orghttps://kb.cert.org/vuls/id/613753US Government Resource
cve@mitre.orghttps://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24eVendor Advisory
Impacted products
Vendor Product Version
commscope ruckus_smartzone_firmware *
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 7.0.0
commscope ruckus_smartzone_firmware 7.1.0
commscope ruckus_virtual_smartzone -
commscope ruckus_virtual_smartzone-federal -
commscope ruckus_c110 -
commscope ruckus_e510 -
commscope ruckus_h320 -
commscope ruckus_h350 -
commscope ruckus_h510 -
commscope ruckus_m510 -
commscope ruckus_r320 -
commscope ruckus_r510 -
commscope ruckus_r560 -
commscope ruckus_r610 -
commscope ruckus_r710 -
commscope ruckus_r720 -
commscope ruckus_r730 -
commscope ruckus_r750 -
commscope ruckus_smartzone_100 -
commscope ruckus_smartzone_100-d -
commscope ruckus_smartzone_144 -
commscope ruckus_smartzone_144-federal -
commscope ruckus_smartzone_300 -
commscope ruckus_smartzone_300-federal -
commscope ruckus_t310c -
commscope ruckus_t310d -
commscope ruckus_t310n -
commscope ruckus_t310s -
commscope ruckus_t350se -
commscope ruckus_t750 -
commscope ruckus_t750se -
commscope ruckus_network_director *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427",
              "versionEndExcluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA45EF06-28C7-41D8-BBAC-671095FB29A5",
              "versionEndExcluding": "4.5.0.51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files."
    },
    {
      "lang": "es",
      "value": "La compilaci\u00f3n de actualizaci\u00f3n de RUCKUS SmartZone (SZ) anterior a la versi\u00f3n 6.1.2p3 permite directory traversal ../ para leer archivos."
    }
  ],
  "id": "CVE-2025-44962",
  "lastModified": "2025-08-07T17:59:20.320",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-04T17:15:30.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44962"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/613753"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-24"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2025-08-04 17:15
Modified
2025-08-07 17:59
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
References
cve@mitre.orghttps://claroty.com/team82/disclosure-dashboard/cve-2025-44957Third Party Advisory
cve@mitre.orghttps://kb.cert.org/vuls/id/613753Third Party Advisory, US Government Resource
cve@mitre.orghttps://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24eVendor Advisory
Impacted products
Vendor Product Version
commscope ruckus_smartzone_firmware *
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 6.1.2
commscope ruckus_smartzone_firmware 7.0.0
commscope ruckus_smartzone_firmware 7.1.0
commscope ruckus_virtual_smartzone -
commscope ruckus_virtual_smartzone-federal -
commscope ruckus_c110 -
commscope ruckus_e510 -
commscope ruckus_h320 -
commscope ruckus_h350 -
commscope ruckus_h510 -
commscope ruckus_m510 -
commscope ruckus_r320 -
commscope ruckus_r510 -
commscope ruckus_r560 -
commscope ruckus_r610 -
commscope ruckus_r710 -
commscope ruckus_r720 -
commscope ruckus_r730 -
commscope ruckus_r750 -
commscope ruckus_smartzone_100 -
commscope ruckus_smartzone_100-d -
commscope ruckus_smartzone_144 -
commscope ruckus_smartzone_144-federal -
commscope ruckus_smartzone_300 -
commscope ruckus_smartzone_300-federal -
commscope ruckus_t310c -
commscope ruckus_t310d -
commscope ruckus_t310n -
commscope ruckus_t310s -
commscope ruckus_t350se -
commscope ruckus_t750 -
commscope ruckus_t750se -
commscope ruckus_network_director *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427",
              "versionEndExcluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA45EF06-28C7-41D8-BBAC-671095FB29A5",
              "versionEndExcluding": "4.5.0.51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers."
    },
    {
      "lang": "es",
      "value": "La compilaci\u00f3n de actualizaci\u00f3n de Ruckus SmartZone (SZ) anterior a la versi\u00f3n 6.1.2p3 permite omitir la autenticaci\u00f3n a trav\u00e9s de una clave API v\u00e1lida y encabezados HTTP manipulados."
    }
  ],
  "id": "CVE-2025-44957",
  "lastModified": "2025-08-07T17:59:09.533",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-04T17:15:29.730",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44957"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/613753"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-02-13 20:15
Modified
2025-08-22 21:09
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
References
cve@mitre.orghttps://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/Exploit, Third Party Advisory
cve@mitre.orghttps://support.ruckuswireless.com/security_bulletins/315Patch, Product, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.ruckuswireless.com/security_bulletins/315Patch, Product, Vendor Advisory
Impacted products
Vendor Product Version
ruckuswireless ruckus_wireless_admin *
ruckuswireless smartzone_ap *
ruckuswireless e510 -
ruckuswireless h320 -
ruckuswireless h350 -
ruckuswireless h510 -
ruckuswireless h550 -
ruckuswireless m510 -
ruckuswireless r310 -
ruckuswireless r320 -
ruckuswireless r350 -
ruckuswireless r510 -
ruckuswireless r550 -
ruckuswireless r610 -
ruckuswireless r650 -
ruckuswireless r710 -
ruckuswireless r720 -
ruckuswireless r730 -
ruckuswireless r750 -
ruckuswireless r760 -
ruckuswireless r850 -
ruckuswireless sz-144 -
ruckuswireless sz100 -
ruckuswireless sz300 -
ruckuswireless t310c -
ruckuswireless t310d -
ruckuswireless t310n -
ruckuswireless t310s -
ruckuswireless t350c -
ruckuswireless t350d -
ruckuswireless t350se -
ruckuswireless t610 -
ruckuswireless t710 -
ruckuswireless t710s -
ruckuswireless t750 -
ruckuswireless t750se -
ruckuswireless t811-cm -
ruckuswireless ruckus_wireless_admin *
ruckuswireless smartzone_ap *
ruckuswireless e510 -
ruckuswireless h320 -
ruckuswireless h510 -
ruckuswireless m510 -
ruckuswireless r310 -
ruckuswireless r320 -
ruckuswireless r500 -
ruckuswireless r510 -
ruckuswireless r550 -
ruckuswireless r600 -
ruckuswireless r610 -
ruckuswireless r650 -
ruckuswireless r710 -
ruckuswireless r720 -
ruckuswireless r730 -
ruckuswireless r750 -
ruckuswireless r850 -
ruckuswireless t300 -
ruckuswireless t301n -
ruckuswireless t301s -
ruckuswireless t310c -
ruckuswireless t310d -
ruckuswireless t310n -
ruckuswireless t310s -
ruckuswireless t504 -
ruckuswireless t610 -
ruckuswireless t710 -
ruckuswireless t710s -
ruckuswireless t750 -
ruckuswireless t750se -
ruckuswireless t811-cm -
ruckuswireless ruckus_wireless_admin *
ruckuswireless smartzone_ap *
ruckuswireless h500 -
ruckuswireless r300 -
ruckuswireless r700 -
ruckuswireless ruckus_wireless_admin *
ruckuswireless smartzone_ap *
ruckuswireless r560 -
ruckuswireless ruckus_wireless_admin *
commscope ruckus_smartzone_firmware *
ruckuswireless sz-144 -
ruckuswireless sz300 -
ruckuswireless ruckus_wireless_admin *
commscope ruckus_smartzone_firmware 6.1.0.0.935
ruckuswireless sz-144 -
ruckuswireless sz100 -
ruckuswireless sz300 -
ruckuswireless ruckus_wireless_admin *
ruckuswireless m510-jp -
ruckuswireless p300 -
ruckuswireless q410 -
ruckuswireless q710 -
ruckuswireless q910 -
ruckuswireless t811-cm\(non-spf\) -
ruckuswireless zd1000 -
ruckuswireless zd1100 -
ruckuswireless zd1200 -
ruckuswireless zd3000 -
ruckuswireless zd5000 -
ruckuswireless ruckus_wireless_admin *
commscope ruckus_smartzone_firmware *
ruckuswireless sz-144-federal -
ruckuswireless sz300-federal -


To clipboard 

{
  "cisaActionDue": "2023-06-02",
  "cisaExploitAdd": "2023-05-12",
  "cisaRequiredAction": "Apply updates per vendor instructions or disconnect product if it is end-of-life.",
  "cisaVulnerabilityName": "Multiple Ruckus Wireless Products CSRF and RCE Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED4CD2B3-C3CE-437F-A01C-5A50B900FC4D",
              "versionEndExcluding": "6.1.0.0.9240",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19E1647-DFDD-4AE9-8118-B6E27796F158",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AECE922-479C-4C3E-9905-1C742DCE9769",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "728B95F9-BD5B-4C0B-ADBD-0B30AAC868EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215024F9-C68E-4919-9FD5-215CF900A830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951BDA12-0294-472A-9292-F60AC6D4292B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28A5E0-6F42-4133-B1D3-1D0116079094",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r760:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50256D2-E89C-4992-B296-7F686C4A0E66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A244DE5-A9B3-45BE-8AD1-154546F4F1F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB6E5537-CC32-46A3-BCA3-52B011E13564",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E561E73-06B4-49E3-A24C-CCDFA0D278EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "271E8C2A-5AD8-47B7-B6C5-D996FD135412",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1151656-21F9-442F-93AF-3E12B497CEF1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C15AA25-82B2-4C02-8361-E8F6179B525A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1DE3AD-CA13-44CE-ACF1-3DE2D6C691BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0680FEA-592F-4610-85D3-D52335906B13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED3EC-4946-4CB1-9227-FC0B500488B9",
              "versionEndExcluding": "5.2.2.0.2064",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215024F9-C68E-4919-9FD5-215CF900A830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951BDA12-0294-472A-9292-F60AC6D4292B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28A5E0-6F42-4133-B1D3-1D0116079094",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A244DE5-A9B3-45BE-8AD1-154546F4F1F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB7F76C-637E-4194-B7CD-36C0EB5C84D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C15AA25-82B2-4C02-8361-E8F6179B525A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1DE3AD-CA13-44CE-ACF1-3DE2D6C691BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0680FEA-592F-4610-85D3-D52335906B13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EFC8C1-5D6B-44AB-919A-FD7365E666EA",
              "versionEndExcluding": "3.6.2.0.795",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE5491D-89A5-4690-8374-0CD27852CCB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FDEC42-0D72-4841-B0FE-B0B0B00B6557",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7549541B-0F1A-45F8-8E5A-8034B00C2D2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3679017-4730-49AF-8CE7-35B82F504EA5",
              "versionEndExcluding": "6.1.1.0.1274",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AADED848-CAF5-4EF6-BAC6-6BE35CCE7815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC1AFF4-766D-4DFF-B7A0-39EFE686F33B",
              "versionEndExcluding": "5.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.0.0.935:*:*:*:*:*:*:*",
              "matchCriteriaId": "98787AFD-705A-4ECA-A735-1412ED55B71C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB6E5537-CC32-46A3-BCA3-52B011E13564",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510-jp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "007DE148-E501-4A35-8F10-ACD28FF2819B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:p300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E3F2DA-3A4B-421A-ACE0-A764B9B57FF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB66E1A9-D6B5-455F-B6C0-FD2EF45CF509",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D44A0E-66C0-4522-90AC-16F7D5738D8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80C949D8-D53C-4B5B-A851-51FAFAB0011D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm\\(non-spf\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE9892F-8F72-4D92-B7A2-4B4B41AB8729",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86341154-62AA-43A3-9B65-3B95873317C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE17AF8-0965-4D9D-A1A3-40976BDF10C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763E2D39-085A-4E8B-BBC1-B0567666FF5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E149CEA6-5EF5-4CD6-969F-D5DD33D04744",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "640C64BD-EBD1-43D7-AEB9-A51E2069BC4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D11729-5815-46AC-A2B6-E1570FDBED8E",
              "versionEndExcluding": "5.2.1.3.1695",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C68AA80-C987-4B00-AB39-4D14910EB961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DEAC3DF-557E-4070-A23E-524A4A3B9226",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin\u0026password=password$(curl substring."
    },
    {
      "lang": "es",
      "value": "Ruckus Wireless Admin hasta la versi\u00f3n 10.4 permite la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de una solicitud HTTP GET no autenticada, como lo demuestra /forms/doLogin?login_username=admin\u0026amp;password=password$(curl substring."
    }
  ],
  "id": "CVE-2023-25717",
  "lastModified": "2025-08-22T21:09:15.577",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-02-13T20:15:10.973",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/315"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}