CVE Tools

commscope

Networking Infrastructurecommercial

35

Cumulative CVEs

8

Monthly snapshots

#59

Peak rank

Top products

ruckus network director7 ruckus smartzone firmware5

Latest CVEs

The 15 most recently published vulnerabilities affecting commscope.

CVE-2025-44963RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.9.0Aug 4, 2025
CVE-2025-44962RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.5.0Aug 4, 2025
CVE-2025-44961In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.9.9Aug 4, 2025
CVE-2025-44960RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.8.5Aug 4, 2025
CVE-2025-44958RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.5.3Aug 4, 2025
CVE-2025-44957Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.8.5Aug 4, 2025
CVE-2025-44955RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.8.8Aug 4, 2025
CVE-2025-44954RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.9.0Aug 4, 2025
CVE-2024-23618Arris SURFboard SBG6950AC2 Arbitrary Code Execution Vulnerability9.6Jan 25, 2024
CVE-2023-45992A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF ...9.6Oct 19, 2023
CVE-2023-27572An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parame...6.1Apr 14, 2023
CVE-2023-27571An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an a...5.3Apr 14, 2023
CVE-2022-45701Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.8.8Feb 17, 2023
CVE-2023-25717Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.KEV9.8Feb 13, 2023
CVE-2022-27002Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns、ddns_host parameters. This vulnerability allows attacker...9.8Mar 15, 2022