Description
Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
Ruckus Security Bulletin 20230731
https://support.ruckuswireless.com/security_bulletins/320
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/ruckus-unleashed-authenticated-rce-in-gateway-mode
Scores
CVSS v3
7.5
EPSS
0.0052
EPSS Percentile
39.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (30)
Ruckus Networks/Ruckus C110
Ruckus Networks/Ruckus E510
Ruckus Networks/Ruckus H320
Ruckus Networks/RUCKUS H350
Ruckus Networks/Ruckus H510
Ruckus Networks/RUCKUS H550
Ruckus Networks/Ruckus M510-JP
Ruckus Networks/Ruckus R320
Ruckus Networks/RUCKUS R350
Ruckus Networks/Ruckus R510
... and 20 more
Published
Mar 26, 2026
Tracked Since
Mar 27, 2026