CVE-2023-7338

Description

Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems.

References

• https://support.ruckuswireless.com/security_bulletins/320
• https://www.vulncheck.com/advisories/ruckus-unleashed-authenticated-rce-in-gateway-mode