Lucene search

Ruckus Iot Controller Security Vulnerabilities

cve

CVE-2021-33215

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.

4.3CVSS

6.6AI Score

0.001EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33216

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.

9.8CVSS

9.3AI Score

0.003EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33217

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.

8.8CVSS

9.1AI Score

0.002EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33218

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.

9.8CVSS

9.3AI Score

0.003EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.

9.8CVSS

9.3AI Score

0.003EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33220

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.

7.8CVSS

7.5AI Score

0.0004EPSS

2021-07-07 03:15 PM

cve

CVE-2021-33221

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.

9.8CVSS

9.4AI Score

0.347EPSS

2021-07-07 03:15 PM