CNNVD-202508-230 Information
Aug 04, 2025
cve
CNNVD ID
CNNVD-202508-230
Related CVE
- CNNVD Published: 2025-08-04
Description (Chinese)
RUCKUS SmartZone是RUCKUS公司的一个网络控制器。 RUCKUS SmartZone 6.1.2p3 Refresh Build之前版本存在操作系统命令注入漏洞,该漏洞源于经过身份验证的用户可通过IP地址字段进行OS命令注入。
Description (English)
RUCKUS SmartZone is a network controller for RUCKUS. The previous version of the RUCKUS SmartZone 6.1.2p3 Refresh Build contained a loophole in the operating system command, which originated from an OS-injected user with an IP address field.
Hazard Level
Medium
Vulnerability Type
操作系统命令注入
Affected Vendor
RUCKUS
Published
2025-08-04
Last Modified
2026-02-24
References
https://claroty.com/team82/disclosure-dashboard/cve-2025-44961 https://kb.cert.org/vuls/id/613753 https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e https://access.redhat.com/security/cve/cve-2025-44961
Patch
https://support.ruckuswireless.com/software/4247
Share on: