Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Commscope Subscribe
Filtered by product Ruckus Iot Controller
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33217 1 Commscope 1 Ruckus Iot Controller 2021-07-09 9.0 HIGH 8.8 HIGH
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
CVE-2021-33219 1 Commscope 1 Ruckus Iot Controller 2021-07-09 7.5 HIGH 9.8 CRITICAL
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
CVE-2021-33218 1 Commscope 1 Ruckus Iot Controller 2021-07-09 10.0 HIGH 9.8 CRITICAL
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.
CVE-2021-33216 1 Commscope 1 Ruckus Iot Controller 2021-07-09 7.5 HIGH 9.8 CRITICAL
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.
CVE-2021-33215 1 Commscope 1 Ruckus Iot Controller 2021-07-09 4.0 MEDIUM 4.3 MEDIUM
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.
CVE-2021-33220 1 Commscope 1 Ruckus Iot Controller 2021-07-09 4.6 MEDIUM 7.8 HIGH
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.
CVE-2021-33221 1 Commscope 1 Ruckus Iot Controller 2021-07-09 7.5 HIGH 9.8 CRITICAL
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.