CVE-2023-25717
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
| Vendor | n/a |
| Product | n/a |
| Published | Feb 13, 2023 |
| Last Updated | Oct 21, 2025 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for n/a n/a
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-25717.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a
References
support.ruckuswireless.com: https://support.ruckuswireless.com/security_bulletins/315 cybir.com: https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-25717