CVE-2017-6230

HIGH

Ruckus Networks Solo/SmartZone AP Firmware < R110.0/< R5.0 Authenticated OS Command Injection

Title source: llm
STIX 2.1

Description

Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0227
EPSS Percentile 80.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (2)
ruckuswireless/smartzone_managed_access_point_firmware < r5.0
ruckuswireless/solo_access_point_firmware < r110.0
Published Feb 14, 2018
Tracked Since Feb 18, 2026