This page lists publicly disclosed CVE vulnerabilities affecting commscope ruckus_iot_controller (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-33221 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints. | [email protected] | 9.8 | 56.99% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33220 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist. | [email protected] | 7.8 | 0.25% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33219 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts. | [email protected] | 9.8 | 2.15% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33218 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access. | [email protected] | 9.8 | 2.30% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33217 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root. | [email protected] | 8.8 | 1.38% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33216 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account. | [email protected] | 9.8 | 13.77% | 2021-07-07 | 2024-11-21 |
| CVE-2021-33215 | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal. | [email protected] | 4.3 | 1.19% | 2021-07-07 | 2024-11-21 |