An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script `.ap_debug.sh` invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to execute arbitrary commands as root on the controller or specified target.
References
Link | Resource |
---|---|
https://sector7.computest.nl/post/2025-07-ruckus-unleashed/ | Exploit Third Party Advisory |
https://support.ruckuswireless.com/security_bulletins/330 | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Aug 2025, 17:17
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:commscope:ruckus_r770:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r760:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r550:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r310:-:*:*:*:*:*:*:* cpe:2.3:a:ruckuswireless:ruckus_zonedirector:*:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:* cpe:2.3:a:ruckuswireless:ruckus_unleashed:*:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t610:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t350d:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r650:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t710s:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:zonedirector_1200:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t670:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_m510-jp:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r850:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t811-cm:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t710:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t811-cm_\(non-sfp\):-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r670:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_h550:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r350:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r350e:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:* cpe:2.3:h:commscope:ruckus_t350c:-:*:*:*:*:*:*:* |
|
References | () https://sector7.computest.nl/post/2025-07-ruckus-unleashed/ - Exploit, Third Party Advisory | |
References | () https://support.ruckuswireless.com/security_bulletins/330 - Product | |
First Time |
Commscope ruckus R850
Commscope ruckus R320 Commscope ruckus R310 Commscope ruckus T710s Commscope ruckus T670 Commscope ruckus C110 Commscope zonedirector 1200 Commscope ruckus R730 Commscope ruckus R350e Commscope ruckus T710 Commscope ruckus T350se Commscope ruckus M510 Commscope ruckus T811-cm Commscope ruckus R760 Commscope ruckus H510 Commscope ruckus R750 Commscope ruckus H320 Commscope ruckus R610 Commscope ruckus T610 Commscope ruckus T310c Commscope ruckus T750se Commscope ruckus R510 Commscope ruckus T310n Commscope ruckus T350c Commscope ruckus M510-jp Commscope ruckus T750 Commscope ruckus R670 Commscope ruckus H550 Commscope ruckus R770 Commscope ruckus E510 Ruckuswireless ruckus Zonedirector Commscope ruckus R350 Commscope ruckus T811-cm \(non-sfp\) Commscope ruckus R720 Commscope ruckus R710 Commscope ruckus R560 Commscope ruckus R550 Commscope ruckus R650 Commscope ruckus T310s Ruckuswireless Ruckuswireless ruckus Unleashed Commscope ruckus T350d Commscope ruckus H350 Commscope |
23 Jul 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
22 Jul 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Jul 2025, 13:06
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Jul 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
21 Jul 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-07-21 15:15
Updated : 2025-08-05 17:17
NVD link : CVE-2025-46117
Mitre link : CVE-2025-46117
CVE.ORG link : CVE-2025-46117
JSON object : View
Products Affected
commscope
- ruckus_t610
- ruckus_h350
- ruckus_r850
- ruckus_r650
- ruckus_t350se
- ruckus_t750
- ruckus_h320
- ruckus_t310s
- ruckus_e510
- ruckus_r350
- zonedirector_1200
- ruckus_t350c
- ruckus_r320
- ruckus_r760
- ruckus_t750se
- ruckus_r560
- ruckus_r610
- ruckus_r750
- ruckus_t710
- ruckus_r730
- ruckus_t710s
- ruckus_r550
- ruckus_h550
- ruckus_r770
- ruckus_t310c
- ruckus_t670
- ruckus_t350d
- ruckus_r310
- ruckus_r720
- ruckus_r350e
- ruckus_r710
- ruckus_t310n
- ruckus_t811-cm
- ruckus_t811-cm_\(non-sfp\)
- ruckus_c110
- ruckus_m510-jp
- ruckus_r510
- ruckus_m510
- ruckus_h510
- ruckus_r670
ruckuswireless
- ruckus_unleashed
- ruckus_zonedirector
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')