Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25717 | 2 Commscope, Ruckuswireless | 61 Ruckus Smartzone Firmware, E510, H320 and 58 more | 2025-08-22 | N/A | 9.8 CRITICAL |
| Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. | |||||
| CVE-2025-44962 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-08-07 | N/A | 5.0 MEDIUM |
| RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. | |||||
| CVE-2025-44961 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-08-07 | N/A | 9.9 CRITICAL |
| In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. | |||||
| CVE-2025-44960 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-08-07 | N/A | 8.5 HIGH |
| RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. | |||||
| CVE-2025-44957 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-08-07 | N/A | 8.5 HIGH |
| Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. | |||||
| CVE-2025-44954 | 1 Commscope | 30 Ruckus C110, Ruckus E510, Ruckus H320 and 27 more | 2025-08-07 | N/A | 9.0 CRITICAL |
| RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. | |||||