CVE-2025-46117

Опубликовано: 21 июл. 2025

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .ap_debug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to execute arbitrary commands as root on the controller or specified target.

Ссылки

https://sector7.computest.nl/post/2025-07-ruckus-unleashed/
Exploit
Third Party Advisory
https://support.ruckuswireless.com/security_bulletins/330
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ruckuswireless:ruckus_unleashed:*:*:*:*:*:*:*:*

Версия до 200.15.6.212.14 (исключая)

cpe:2.3:a:ruckuswireless:ruckus_unleashed:*:*:*:*:*:*:*:*

Версия от 200.17 (включая) до 200.17.7.0.139 (исключая)

cpe:2.3:a:ruckuswireless:ruckus_zonedirector:*:*:*:*:*:*:*:*

Версия до 10.5.1.0.279 (исключая)

Одно из

cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h550:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_m510-jp:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r310:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r350:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r350e:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r550:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r650:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r670:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r760:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r770:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r850:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t350c:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t350d:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t610:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t670:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t710:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t710s:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t811-cm:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t811-cm_\(non-sfp\):-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:zonedirector_1200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00129

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-m65g-vw8w-cq9f

CVSS3: 8.8

github

7 месяцев назад

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script `.ap_debug.sh` invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to execute arbitrary commands as root on the controller or specified target.