CVE-2023-25717
Multiple Ruckus Wireless Products CSRF and RCE Vulnerability
CVSS
—
Sin CVSS
EPSS
95.3%
p100
KEV
SÍ
12 may 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Ruckus Wireless / Multiple Products
Vulnerabilidad
Multiple Ruckus Wireless Products CSRF and RCE Vulnerability
Añadido a KEV
12 may 2023
Remediar antes de
2 jun 2023
Uso conocido en ransomware
No
Descripción resumida
Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.
Acción requerida
Apply updates per vendor instructions or disconnect product if it is end-of-life.
Notas
https://support.ruckuswireless.com/security_bulletins/315; https://nvd.nist.gov/vuln/detail/CVE-2023-25717
Sin CVEs relacionados por CWE o producto.