CVE-2025-46116 Information
Jul 22, 2025
cve
Description
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279 where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it to escape the restricted shell and obtain a root shell on the controller.
Reference
http://commscope.com https://sector7.computest.nl/post/2025-07-ruckus-unleashed/ https://support.ruckuswireless.com/security_bulletins/330
Related CNNVD
CNNVD-202507-2651 (Published: 2025-07-21)
Share on: