CVE-2025-46119 Information
Jul 22, 2025
cve
Description
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.12.304 where an authenticated request to the management endpoint /admin/_cmdstat.jsp discloses the administrator password in a trivially reversible obfuscated form. The same obfuscation method persists in configuration prior to 200.18.7.1.302 allowing anyone who obtains the system configuration to recover the plaintext credentials.
Reference
http://commscope.com https://sector7.computest.nl/post/2025-07-ruckus-unleashed/ https://support.ruckuswireless.com/security_bulletins/330
Related CNNVD
CNNVD-202507-2653 (Published: 2025-07-21)
Share on: