Ruckuswireless: community verdicts
3 notable / known-exploited Ruckuswireless CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Ruckuswireless CVE, see NVD ↗.
- CVE-2023-25717CRIT 9.8KEVEPSS 95%
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
- CVE-2021-36630HIGH 7.5Real · low riskEPSS 2%
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request.
- CVE-2020-21161MED 6.1EPSS 1%
Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.