CommScope

All CVEs

28 total · sorted by risk
  • CVE-2025-67305 · Critical · Feb 19, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the…

  • CVE-2025-67304 · Critical · Feb 19, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded…

  • CVE-2017-9521 · Critical · Jul 31, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware…

  • CVE-2017-9489 · High · Jul 31, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST) devices allows configuration changes via CSRF.

  • CVE-2017-9492 · High · Jul 31, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware…

  • CVE-2017-16836 · Medium · Nov 16, 2017
    risk 0.43 · cvss 6.1 · epss 0.02

    Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.

  • CVE-2017-9476 · Medium · Jul 31, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version…

  • CVE-2017-9491 · Medium · Jul 31, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware…

  • CVE-2021-33221 · Jul 7, 2021
    risk 0.07 · cvss · epss 0.57

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.

  • CVE-2021-33216 · Jul 7, 2021
    risk 0.06 · cvss · epss 0.14

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.

  • CVE-2021-36630 · Jan 18, 2023
    risk 0.03 · cvss · epss 0.02

    DDoS reflection amplification vulnerability in the eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DoS attacks via a crafted request.

  • CVE-2014-3778 · Jun 19, 2014
    risk 0.03 · cvss · epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsService…

  • CVE-2025-46121 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `stamgr_cfg_adpt_addStaIot` pass a client hostname directly to snprintf as the format string. A remote attacker can…

  • CVE-2025-46120 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted…

  • CVE-2025-46117 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script `.ap_debug.sh` invoked from the restricted CLI does not properly sanitize its input, allowing an…

  • CVE-2025-46119 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint `/admin/_cmdstat.jsp` discloses the administrator password in a…

  • CVE-2025-46118 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or…

  • CVE-2025-46123 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint `/admin/_conf.jsp` writes the Wi-Fi guest password to memory with snprintf using…

  • CVE-2025-46122 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint `/admin/_cmdstat.jsp` passes attacker-controlled input to the shell without adequate validation, enabling a remote attacker to…

  • CVE-2025-46116 · Jul 21, 2025
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command `!v54!` via a management API call…

  • CVE-2021-41552 · Feb 15, 2022
    risk 0.00 · cvss · epss 0.01

    CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.

  • CVE-2021-33220 · Jul 7, 2021
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.

  • CVE-2021-33219 · Jul 7, 2021
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.

  • CVE-2021-33218 · Jul 7, 2021
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.

  • CVE-2021-33217 · Jul 7, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.

  • CVE-2021-33215 · Jul 7, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.

  • CVE-2019-15805 · Aug 29, 2019
    risk 0.00 · cvss · epss 0.01

    CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. Any user connected to the Wi-Fi can…

  • CVE-2019-15806 · Aug 29, 2019
    risk 0.00 · cvss · epss 0.01

    CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. Any user connected to the Wi-Fi…