ruckus

Top products

The 14 most recently published vulnerabilities affecting ruckus.

• CVE-2021-4474Ruckus AP CLI Arbitrary File Read Allows Authenticated Remote File Access4.9Mar 26, 2026
• CVE-2025-44963RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.9.0Aug 4, 2025
• CVE-2025-44962RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.5.0Aug 4, 2025
• CVE-2025-44961In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.9.9Aug 4, 2025
• CVE-2025-44960RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.8.5Aug 4, 2025
• CVE-2025-44958RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.5.3Aug 4, 2025
• CVE-2025-44957Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.8.5Aug 4, 2025
• CVE-2025-44955RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.8.8Aug 4, 2025
• CVE-2025-44954RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.9.0Aug 4, 2025
• CVE-2017-6223Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could all...8.8Oct 13, 2017
• CVE-2016-1000215Ruckus Wireless H500 web management interface denial of service7.5Oct 25, 2016
• CVE-2016-1000214Ruckus Wireless H500 web management interface authentication bypass5.3Oct 25, 2016
• CVE-2016-1000213Ruckus Wireless H500 web management interface CSRF8.8Oct 25, 2016
• CVE-2016-1000216Ruckus Wireless H500 web management interface authenticated command injection8.8Oct 10, 2016