Vulnerability in Ruckus Unleashed
CVE-2021-4474
Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attac…
EPSS: 0.000 (5.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.9 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Ruckus Unleashed — versions 0
- Ruckus Smartzone 100-d (Sz100-d) (Eol) — versions 0
- Ruckus Smartzone 100 (Sz-100) (Eol) — versions 0
- Ruckus Smartzone 144-dataplane (Sz144-d) — versions 0
- Ruckus Smartzone 144 (Sz-144) — versions 0
- Ruckus Smartzone 300 (Sz300) (Eol) — versions 0
- Ruckus Zonedirector 1200 (Eol) — versions 0
- Ruckus Wireless Access Point — versions 0
Weakness classification (CWE)
References
- Ruckus Security Bulletin 20210108 (vendor-advisory)
- www.vulncheck.com/advisories/ruckus-ap-cli-arbitrary-file-read-allows-authentic… (third-party-advisory)
Frequently asked questions
- What is CVE-2021-4474?
- CVE-2021-4474 is a medium-severity vulnerability in Ruckus Unleashed, classified under Files or Directories Accessible to External Parties. CVSS score: 4.9/10. Published 2026-03-26.
- How severe is CVE-2021-4474?
- Medium severity. CVSS v3 base score is 4.9 out of 10.