Commscope Ruckus_r320
13 CVEs affecting Commscope Ruckus_r320. Latest disclosed: 2025-08-04. Critical: 6, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-44961 | Critical | 9.9 | 2025-08-04 | In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. |
CVE-2025-46121 | Critical | 9.8 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `s… |
CVE-2025-46120 | Critical | 9.8 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a pa… |
CVE-2025-46122 | Critical | 9.1 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint `/admin/_cm… |
CVE-2025-46117 | Critical | 9.1 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hi… |
CVE-2025-44954 | Critical | 9.0 | 2025-08-04 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. |
CVE-2025-46116 | High | 8.8 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an a… |
CVE-2025-44960 | High | 8.5 | 2025-08-04 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. |
CVE-2025-44957 | High | 8.5 | 2025-08-04 | Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. |
CVE-2025-46123 | High | 7.2 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the… |
CVE-2025-46119 | Medium | 6.3 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an a… |
CVE-2025-46118 | Medium | 5.3 | 2025-07-21 | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-… |
CVE-2025-44962 | Medium | 5.0 | 2025-08-04 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. |