COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-25717

CVE-2023-25717

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-05-12
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-25717
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts

Players implicated

Ruckus Wireless · vendorMultiple Products · product

Description

Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.