CVE-2023-25717

CVSS V2 None CVSS V3 None
Description
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
Overview
  • CVE ID
  • CVE-2023-25717
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-13T20:15:10
  • Last Modified Date
  • 2023-02-23T16:26:54
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:* 1 OR 6.1.0.0.9240
cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h350:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h550:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r350:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r760:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t350c:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t350d:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t350se:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:* 1 OR 5.2.2.0.2064
cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t504:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:* 1 OR 3.6.2.0.795
cpe:2.3:h:ruckuswireless:h500:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r300:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:r700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:* 1 OR 6.1.1.0.1274
cpe:2.3:h:ruckuswireless:r560:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone:*:*:*:*:*:*:*:* 1 OR 5.2.1.3
cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone:6.1.0.0.935:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:h:ruckuswireless:m510-jp:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:p300:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:q410:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:q710:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:q910:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:t811-cm\(non-spf\):-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:zd1000:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:zd1100:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:zd1200:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:zd3000:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:zd5000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:* 1 OR 10.4
cpe:2.3:o:ruckuswireless:smartzone:*:*:*:*:*:*:*:* 1 OR 5.2.1.3.1695
cpe:2.3:h:ruckuswireless:sz-144-federal:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:ruckuswireless:sz300-federal:-:*:*:*:*:*:*:* 0 OR
History
Created Old Value New Value Data Type Notes
2023-04-17 07:38:58 Added to TrackCVE
2023-04-17 07:38:59 Weakness Enumeration new