Ruckus Smartzone Firmware

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-44962 MEDIUM This Month

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-44961 CRITICAL This Week

In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVSS 3.1
9.9
EPSS
0.2%
CVE-2025-44960 HIGH This Month

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-44957 HIGH This Month

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-44954 CRITICAL This Week

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ruckus Smartzone Firmware
NVD
CVSS 3.1
9.0
EPSS
0.1%
CVE-2025-44962
EPSS 0% CVSS 5.0
MEDIUM This Month

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVE-2025-44961
EPSS 0% CVSS 9.9
CRITICAL This Week

In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVE-2025-44960
EPSS 0% CVSS 8.5
HIGH This Month

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVE-2025-44957
EPSS 0% CVSS 8.5
HIGH This Month

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Ruckus Smartzone Firmware Ruckus Network Director
NVD
CVE-2025-44954
EPSS 0% CVSS 9.0
CRITICAL This Week

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ruckus Smartzone Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy