VYPR
Vendor: Ruckus

Products: 23
CVEs: 65
Across products: 97
Status: Private

Recent CVEs

  • CVE-2025-69426 | Critical | Jan 9, 2026
    risk 0.65 | cvss | epss 0.00

    The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables…

  • CVE-2025-69425 | Critical | Jan 9, 2026
    risk 0.65 | cvss | epss 0.01

    The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static…

  • CVE-2025-67305 | Critical | Feb 19, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the…

  • CVE-2025-67304 | Critical | Feb 19, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded…

  • CVE-2018-11036 | Critical | May 31, 2018
    risk 0.59 | cvss 9.1 | epss 0.01

    Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.

  • CVE-2016-1000216 | High | Oct 10, 2016
    risk 0.58 | cvss 8.8 | epss 0.07

    Ruckus Wireless H500 web management interface authenticated command injection

  • CVE-2017-6230 | High | Feb 14, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective…

  • CVE-2017-6229 | High | Feb 14, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated…

  • CVE-2017-6224 | High | Oct 13, 2017
    risk 0.57 | cvss 8.8 | epss 0.01

    Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could…

  • CVE-2017-6223 | High | Oct 13, 2017
    risk 0.57 | cvss 8.8 | epss 0.02

    Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the…

  • CVE-2016-1000213 | High | Oct 25, 2016
    risk 0.57 | cvss 8.8 | epss 0.00

    Ruckus Wireless H500 web management interface CSRF

  • CVE-2016-1000215 | High | Oct 25, 2016
    risk 0.49 | cvss 7.5 | epss 0.01

    Ruckus Wireless H500 web management interface denial of service

  • CVE-2018-11027 | Medium | May 29, 2018
    risk 0.40 | cvss 6.1 | epss 0.01

    A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote attackers to inject arbitrary web script or HTML.

  • CVE-2016-1000214 | Medium | Oct 25, 2016
    risk 0.35 | cvss 5.3 | epss 0.01

    Ruckus Wireless H500 web management interface authentication bypass

  • CVE-2023-25717 | KEV | Feb 13, 2023
    risk 0.20 | cvss | epss 0.95

    Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.

  • CVE-2020-26879 | Oct 26, 2020
    risk 0.07 | cvss | epss 0.42

    Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.

  • CVE-2013-5030 | Oct 16, 2013
    risk 0.03 | cvss | epss 0.02

    Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructing a crafted URI after receiving an authentication error for an arbitrary login…

  • CVE-2019-19838 | Jan 23, 2020
    risk 0.02 | cvss | epss 0.24

    emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.

  • CVE-2019-19840 | Jan 22, 2020
    risk 0.02 | cvss | epss 0.04

    A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.

  • CVE-2019-19842 | Jan 22, 2020
    risk 0.01 | cvss | epss 0.05

    emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.