CVE-2023-25717 — Actively Exploited: Multiple Products (Ruckus Wireless)
Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Sol
| CVE ID | CVE-2023-25717 |
|---|---|
| Vendor | Ruckus Wireless |
| Product | Multiple Products |
| Vulnerability name | Multiple Ruckus Wireless Products CSRF and RCE Vulnerability |
| Date added | 2023-05-12 |
| Remediation due | 2023-06-02 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions or disconnect product if it is end-of-life. |
| Description | Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →