
Products

1 vendor
| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|---|---|---|---|---|
| | 24 | 54 | 1 | 60.8% | CRITICAL |

Related CVEs

54
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published |
|---|---|---|---|---|---|---|
| CVE-2025-67305 | In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further. | CRITICAL | 9.8 | | 38.7% | Feb 19, 2026 |
| CVE-2025-67304 | In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate remotely, gaining superuser access to the database. This allows creation of administrative users for the web interface, extraction of password hashes, and execution of arbitrary OS commands. | CRITICAL | 9.8 | | 37.9% | Feb 19, 2026 |
| CVE-2025-44963 | RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key. | HIGH | 8.1 | | 43.6% | Aug 4, 2025 |
| CVE-2025-44962 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. | MEDIUM | 4.3 | | 48.2% | Aug 4, 2025 |
| CVE-2025-44961 | In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. | HIGH | 8.8 | | 79.3% | Aug 4, 2025 |
| CVE-2025-44960 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. | HIGH | 8.8 | | 76.0% | Aug 4, 2025 |
| CVE-2025-44958 | RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. | HIGH | 7.5 | | 24.9% | Aug 4, 2025 |
| CVE-2025-44957 | Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. | HIGH | 8.8 | | 53.4% | Aug 4, 2025 |
| CVE-2025-44954 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. | CRITICAL | 9.8 | | 47.7% | Aug 4, 2025 |
| CVE-2025-44955 | RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access via a weak, hardcoded password. | HIGH | 8.8 | | 34.2% | Aug 4, 2025 |
| CVE-2024-23618 | An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. An unauthenticated attacker can exploit this vulnerability to achieve code execution as root. | CRITICAL | 9.8 | | 64.6% | Jan 26, 2024 |
| CVE-2023-45992 | A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system. | CRITICAL | 9.6 | | 43.6% | Oct 19, 2023 |
| CVE-2023-27572 | An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter. | MEDIUM | 6.1 | | 50.5% | Apr 15, 2023 |
| CVE-2023-27571 | An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files. | MEDIUM | 5.3 | | 55.1% | Apr 15, 2023 |
| CVE-2022-45701 | Arris TG2482A firmware through 9.1.103GEM9 allows Remote Code Execution (RCE) via the ping utility feature. | HIGH | 8.8 | | | Feb 17, 2023 |
| CVE-2023-25717 | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. | CRITICAL | 9.8 | KEV | | Feb 13, 2023 |
| CVE-2022-27002 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns, ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | CRITICAL | 9.8 | | | Mar 15, 2022 |
| CVE-2022-27001 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | CRITICAL | 9.8 | | | Mar 15, 2022 |
| CVE-2022-27000 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | CRITICAL | 9.8 | | | Mar 15, 2022 |
| CVE-2022-26999 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | CRITICAL | 9.8 | | | Mar 15, 2022 |