Commscope

Ruckus Network Director

7 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-44955

  • EPSS 0.04%
  • Published 04.08.2025 00:00:00
  • Last modified 23.09.2025 19:06:10

RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.

8.8

CVE-2025-44961

  • EPSS 0.14%
  • Published 04.08.2025 00:00:00
  • Last modified 07.08.2025 17:59:15

In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.

4.3

CVE-2025-44962

  • EPSS 0.04%
  • Published 04.08.2025 00:00:00
  • Last modified 07.08.2025 17:59:20

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.

8.1

CVE-2025-44963

  • EPSS 0.06%
  • Published 04.08.2025 00:00:00
  • Last modified 23.09.2025 18:48:59

RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.

8.8

CVE-2025-44957

  • EPSS 0.09%
  • Published 04.08.2025 00:00:00
  • Last modified 07.08.2025 17:59:09

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.

7.5

CVE-2025-44958

  • EPSS 0.03%
  • Published 04.08.2025 00:00:00
  • Last modified 23.09.2025 18:57:01

RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.

8.8

CVE-2025-44960

  • EPSS 0.16%
  • Published 04.08.2025 00:00:00
  • Last modified 07.08.2025 17:59:12

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.