5.3

CVE-2025-46118

Exploit

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary files from writable firmware directories and thereby expose sensitive information or compromise the controller.

Data is provided by the National Vulnerability Database (NVD)
RuckuswirelessRuckus Unleashed Version < 200.15.6.212.14
   CommscopeRuckus C110 Version-
   CommscopeRuckus E510 Version-
   CommscopeRuckus H320 Version-
   CommscopeRuckus H350 Version-
   CommscopeRuckus H510 Version-
   CommscopeRuckus H550 Version-
   CommscopeRuckus M510 Version-
   CommscopeRuckus M510-jp Version-
   CommscopeRuckus R310 Version-
   CommscopeRuckus R320 Version-
   CommscopeRuckus R350 Version-
   CommscopeRuckus R350e Version-
   CommscopeRuckus R510 Version-
   CommscopeRuckus R550 Version-
   CommscopeRuckus R560 Version-
   CommscopeRuckus R610 Version-
   CommscopeRuckus R650 Version-
   CommscopeRuckus R670 Version-
   CommscopeRuckus R710 Version-
   CommscopeRuckus R720 Version-
   CommscopeRuckus R730 Version-
   CommscopeRuckus R750 Version-
   CommscopeRuckus R760 Version-
   CommscopeRuckus R770 Version-
   CommscopeRuckus R850 Version-
   CommscopeRuckus T310c Version-
   CommscopeRuckus T310n Version-
   CommscopeRuckus T310s Version-
   CommscopeRuckus T350c Version-
   CommscopeRuckus T350d Version-
   CommscopeRuckus T350se Version-
   CommscopeRuckus T610 Version-
   CommscopeRuckus T670 Version-
   CommscopeRuckus T710 Version-
   CommscopeRuckus T710s Version-
   CommscopeRuckus T750 Version-
   CommscopeRuckus T750se Version-
   CommscopeRuckus T811-cm Version-
   CommscopeZonedirector 1200 Version-
RuckuswirelessRuckus Unleashed Version >= 200.17 < 200.17.7.0.139
   CommscopeRuckus C110 Version-
   CommscopeRuckus E510 Version-
   CommscopeRuckus H320 Version-
   CommscopeRuckus H350 Version-
   CommscopeRuckus H510 Version-
   CommscopeRuckus H550 Version-
   CommscopeRuckus M510 Version-
   CommscopeRuckus M510-jp Version-
   CommscopeRuckus R310 Version-
   CommscopeRuckus R320 Version-
   CommscopeRuckus R350 Version-
   CommscopeRuckus R350e Version-
   CommscopeRuckus R510 Version-
   CommscopeRuckus R550 Version-
   CommscopeRuckus R560 Version-
   CommscopeRuckus R610 Version-
   CommscopeRuckus R650 Version-
   CommscopeRuckus R670 Version-
   CommscopeRuckus R710 Version-
   CommscopeRuckus R720 Version-
   CommscopeRuckus R730 Version-
   CommscopeRuckus R750 Version-
   CommscopeRuckus R760 Version-
   CommscopeRuckus R770 Version-
   CommscopeRuckus R850 Version-
   CommscopeRuckus T310c Version-
   CommscopeRuckus T310n Version-
   CommscopeRuckus T310s Version-
   CommscopeRuckus T350c Version-
   CommscopeRuckus T350d Version-
   CommscopeRuckus T350se Version-
   CommscopeRuckus T610 Version-
   CommscopeRuckus T670 Version-
   CommscopeRuckus T710 Version-
   CommscopeRuckus T710s Version-
   CommscopeRuckus T750 Version-
   CommscopeRuckus T750se Version-
   CommscopeRuckus T811-cm Version-
   CommscopeZonedirector 1200 Version-
RuckuswirelessRuckus Zonedirector Version < 10.5.1.0.279
   CommscopeRuckus C110 Version-
   CommscopeRuckus E510 Version-
   CommscopeRuckus H320 Version-
   CommscopeRuckus H350 Version-
   CommscopeRuckus H510 Version-
   CommscopeRuckus H550 Version-
   CommscopeRuckus M510 Version-
   CommscopeRuckus M510-jp Version-
   CommscopeRuckus R310 Version-
   CommscopeRuckus R320 Version-
   CommscopeRuckus R350 Version-
   CommscopeRuckus R350e Version-
   CommscopeRuckus R510 Version-
   CommscopeRuckus R550 Version-
   CommscopeRuckus R560 Version-
   CommscopeRuckus R610 Version-
   CommscopeRuckus R650 Version-
   CommscopeRuckus R670 Version-
   CommscopeRuckus R710 Version-
   CommscopeRuckus R720 Version-
   CommscopeRuckus R730 Version-
   CommscopeRuckus R750 Version-
   CommscopeRuckus R760 Version-
   CommscopeRuckus R770 Version-
   CommscopeRuckus R850 Version-
   CommscopeRuckus T310c Version-
   CommscopeRuckus T310n Version-
   CommscopeRuckus T310s Version-
   CommscopeRuckus T350c Version-
   CommscopeRuckus T350d Version-
   CommscopeRuckus T350se Version-
   CommscopeRuckus T610 Version-
   CommscopeRuckus T670 Version-
   CommscopeRuckus T710 Version-
   CommscopeRuckus T710s Version-
   CommscopeRuckus T750 Version-
   CommscopeRuckus T750se Version-
   CommscopeRuckus T811-cm Version-
   CommscopeZonedirector 1200 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.216
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.