彙總 CommScope 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 路徑處理缺陷、跨站腳本、SSRF與記憶體損壞,在 生產負載與軟體部署 使用場景中可能帶來 工作階段劫持、記憶體損壞與應用程式崩潰 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-67305 | In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further. | [email protected] | 9.8 | 0.05% | 2026-02-19 | 2026-04-03 |
| CVE-2025-67304 | In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate remotely, gaining superuser access to the database. This allows creation of administrative users for the web interface, extraction of password hashes, and execution of arbitrary OS commands. | [email protected] | 9.8 | 0.07% | 2026-02-19 | 2026-04-03 |
| CVE-2025-44963 | RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key. | [email protected] | 9.0 | 0.42% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44962 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. | [email protected] | 5.0 | 0.07% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44961 | In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. | [email protected] | 9.9 | 0.77% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44960 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. | [email protected] | 8.5 | 0.51% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44958 | RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. | [email protected] | 5.3 | 0.19% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44957 | Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. | [email protected] | 8.5 | 0.18% | 2025-08-04 | 2025-11-03 |
| CVE-2025-44954 | RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. | [email protected] | 9.0 | 0.20% | 2025-08-04 | 2025-08-07 |
| CVE-2025-44955 | RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password. | [email protected] | 8.8 | 0.22% | 2025-08-04 | 2025-11-03 |
| CVE-2024-23618 | An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. An unauthenticated attacker can exploit this vulnerability to achieve code execution as root. | [email protected] | 9.6 | 0.27% | 2024-01-26 | 2024-11-21 |
| CVE-2023-45992 | A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system. | [email protected] | 9.6 | 0.55% | 2023-10-19 | 2024-11-21 |
| CVE-2023-27572 | An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter. | [email protected] | 6.1 | 0.37% | 2023-04-15 | 2025-02-10 |
| CVE-2023-27571 | An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files. | [email protected] | 5.3 | 0.32% | 2023-04-15 | 2025-02-10 |
| CVE-2022-45701 | Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. | [email protected] | 8.8 | 35.30% | 2023-02-17 | 2025-03-18 |
| CVE-2023-25717 KEV | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. | [email protected] | 9.8 | 94.24% | 2023-02-13 | 2025-11-03 |
| CVE-2022-27002 | Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns、ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | [email protected] | 9.8 | 2.33% | 2022-03-15 | 2024-11-21 |
| CVE-2022-27001 | Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | [email protected] | 9.8 | 12.62% | 2022-03-15 | 2024-11-21 |
| CVE-2022-27000 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | [email protected] | 9.8 | 12.62% | 2022-03-15 | 2024-11-21 |
| CVE-2022-26999 | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | [email protected] | 9.8 | 12.62% | 2022-03-15 | 2024-11-21 |