Vulnerabilities > Commscope > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2021-33217 | Out-of-bounds Write vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.0 |
| 2021-07-07 | CVE-2021-33218 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 10.0 |
| 2020-10-26 | CVE-2020-26879 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus Vriot Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. | 10.0 |
| 2020-10-26 | CVE-2020-26878 | Missing Authorization vulnerability in Commscope Ruckus Vriot 1.5.1.0.21 Ruckus through 1.5.1.0.21 is affected by remote command injection. | 9.0 |
| 2019-08-29 | CVE-2019-15806 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. | 9.8 |
| 2019-08-29 | CVE-2019-15805 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. | 9.8 |