CNNVD-202511-2696 Information

Nov 25, 2025 cve

CNNVD ID

CNNVD-202511-2696

CVE-2025-63735

CNNVD Published: 2025-11-25

Description (Chinese)

CommScope Ruckus Unleashed是美国CommScope公司的一款无线路由器。 CommScope Ruckus Unleashed 200.13.6.1.319版本存在安全漏洞，该漏洞源于captive-portal端点selfguestpass/guestAccessSubmit.jsp中参数name处理不当，可能导致反射型跨站脚本攻击。

Description (English)

CommScope Ruckus Unleashed is a wireless router of the United States company ComScope. Version 200.13.6.1.319 of CommScope Ruckus Unleashed has a security loophole, which stems from the inappropriate handling of parameter name in the Captive-portal endpoint SelfGuestpass/guestAccessSubmit.jsp, which may result in a reflex-type cross-station script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

康普

Published

2025-11-25

Last Modified

2026-02-24

References

https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/ https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS https://access.redhat.com/security/cve/cve-2025-63735

Share on: