← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-25717 — Actively Exploited: Multiple Products (Ruckus Wireless)

Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Sol

CVE IDCVE-2023-25717
VendorRuckus Wireless
ProductMultiple Products
Vulnerability nameMultiple Ruckus Wireless Products CSRF and RCE Vulnerability
Date added2023-05-12
Remediation due2023-06-02
Known ransomware useUnknown
Required actionApply updates per vendor instructions or disconnect product if it is end-of-life.
DescriptionRuckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →