N/A

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a remote unauthenticated attacker who can upload a template (e.g., via FTP) to escalate privileges and run arbitrary template code on the controller.

N/A

N/A

CommScope Ruckus Unleashed和CommScope Ruckus ZoneDirector 安全漏洞

CommScope Ruckus Unleashed和CommScope Ruckus ZoneDirector都是美国CommScope公司的一款无线路由器。 CommScope Ruckus Unleashed 200.14.6.1.203之前版本和CommScope Ruckus ZoneDirector存在安全漏洞，该漏洞源于路径遍历缺陷，可能导致执行任意模板代码。

N/A

N/A