Vulnerabilidades em Ruckus
9 resultadosCVE-2025-44961CRITICALIn RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated uEPSS 2.1%CVE-2025-44960HIGHRUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.EPSS 1.8%CVE-2025-44957HIGHRuckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.EPSS 0.8%CVE-2025-44962MEDIUMRUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.EPSS 0.7%CVE-2025-44954CRITICALRUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.EPSS 0.7%CVE-2025-44963CRITICALRUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain sEPSS 0.6%CVE-2021-4474MEDIUMRuckus AP CLI Arbitrary File Read Allows Authenticated Remote File AccessEPSS 0.5%CVE-2025-44955HIGHRUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.EPSS 0.4%CVE-2025-44958MEDIUMRUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.EPSS 0.3%