Commscope Ruckus Iot Controller vulnerabilities
7 known vulnerabilities affecting commscope/ruckus_iot_controller.
Total CVEs
7
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-33221P1CRITICALCVSS 9.8PoC≤ 1.7.1.02021-07-07
CVE-2021-33221 [CRITICAL] CWE-306 CVE-2021-33221: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenti
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.
nvd
CVE-2021-33216P2CRITICALCVSS 9.8PoC≤ 1.7.1.02021-07-07
CVE-2021-33216 [CRITICAL] CVE-2021-33216: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Back
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.
nvd
CVE-2021-33218P3CRITICALCVSS 9.8≤ 1.7.1.02021-07-07
CVE-2021-33218 [CRITICAL] CWE-798 CVE-2021-33218: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.
nvd
CVE-2021-33219P3CRITICALCVSS 9.8≤ 1.7.1.02021-07-07
CVE-2021-33219 [CRITICAL] CWE-798 CVE-2021-33219: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
nvd
CVE-2021-33217P3HIGHCVSS 8.8≤ 1.7.1.02021-07-07
CVE-2021-33217 [HIGH] CWE-787 CVE-2021-33217: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
nvd
CVE-2021-33220P3HIGHCVSS 7.8≤ 1.7.1.02021-07-07
CVE-2021-33220 [HIGH] CWE-798 CVE-2021-33220: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.
nvd
CVE-2021-33215P4MEDIUMCVSS 4.3≤ 1.7.1.02021-07-07
CVE-2021-33215 [MEDIUM] CWE-22 CVE-2021-33215: An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Direc
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.
nvd