Vulnerabilities > Commscope

DATE CVE VULNERABILITY TITLE RISK
2021-07-07 CVE-2021-33215 Path Traversal vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-22
4.0
2021-07-07 CVE-2021-33216 Unspecified vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope
7.5
2021-07-07 CVE-2021-33217 Out-of-bounds Write vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-787
critical
9.0
2021-07-07 CVE-2021-33218 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-798
critical
10.0
2021-07-07 CVE-2021-33219 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-798
7.5
2021-07-07 CVE-2021-33220 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
local
low complexity
commscope CWE-798
4.6
2021-07-07 CVE-2021-33221 Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-306
7.5
2020-10-26 CVE-2020-26879 Use of Hard-coded Credentials vulnerability in Commscope Ruckus Vriot
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py.
network
low complexity
commscope CWE-798
critical
10.0
2020-10-26 CVE-2020-26878 Missing Authorization vulnerability in Commscope Ruckus Vriot 1.5.1.0.21
Ruckus through 1.5.1.0.21 is affected by remote command injection.
network
low complexity
commscope CWE-862
critical
9.0
2020-05-05 CVE-2020-8830 Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware
CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.
network
commscope CWE-352
6.8