CVE-2023-25717
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
13/02/2023
Last modified:
10/03/2025
Description
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* | 10.4 (including) | |
| cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:* | 6.1.0.0.9240 (excluding) | |
| cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:h350:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:h550:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r350:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/
- https://support.ruckuswireless.com/security_bulletins/315
- https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/
- https://support.ruckuswireless.com/security_bulletins/315