Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-7338
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Ruckus Unleashed Authenticated RCE in Gateway Mode
Source: NVD (National Vulnerability Database)
Vulnerability Description
Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ruckus Wireless多款产品 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ruckus Wireless Ruckus CloudPath是一种网络访问控制(NAC)解决方案,用于管理网络用户的身份和访问权限,特别是在Wi-Fi网络中。它的目标是提供高级的网络访问管理和安全性功能,确保用户可以安全地连接到网络,并且网络资源受到保护。 Ruckus Wireless多款产品存在操作系统命令注入漏洞,该漏洞源于基于Web的管理接口存在远程代码执行漏洞,可能导致在启用网关模式时,经过身份验证的远程攻击者在系统上执行任意代码。以下产品受到影响:RUCKUS H350、RUCKUS H5
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Ruckus NetworksRUCKUS H350 unknown -
Ruckus NetworksRUCKUS H550 unknown -
Ruckus NetworksRUCKUS R350 unknown -
Ruckus NetworksRUCKUS R550 unknown -
Ruckus NetworksRUCKUS R650 unknown -
Ruckus NetworksRUCKUS R750 unknown -
Ruckus NetworksRUCKUS R850 unknown -
Ruckus NetworksRUCKUS T350c unknown -
Ruckus NetworksRUCKUS T350d unknown -
Ruckus NetworksRUCKUS T350se unknown -
Ruckus NetworksRUCKUS T750 unknown -
Ruckus NetworksRUCKUS T750SE unknown -
Ruckus NetworksRUCKUS Unleashed unknown -
Ruckus NetworksRuckus C110 unknown -
Ruckus NetworksRuckus E510 unknown -
Ruckus NetworksRuckus H320 unknown -
Ruckus NetworksRuckus H510 unknown -
Ruckus NetworksRuckus M510-JP unknown -
Ruckus NetworksRuckus R320 unknown -
Ruckus NetworksRuckus R510 unknown -
Ruckus NetworksRuckus R610 unknown -
Ruckus NetworksRuckus R710 unknown -
Ruckus NetworksRuckus R720 unknown -
Ruckus NetworksRuckus T310c unknown -
Ruckus NetworksRuckus T310d unknown -
Ruckus NetworksRuckus T310n unknown -
Ruckus NetworksRuckus T310s unknown -
Ruckus NetworksRuckus T610 unknown -
Ruckus NetworksRuckus T710 unknown -
Ruckus NetworksRuckus T710s unknown -
II. Public POCs for CVE-2023-7338
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2023-7338
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same vendor: Ruckus Networks
Same weakness: CWE-78
V. Comments for CVE-2023-7338

No comments yet

Leave a comment