ГлавнаяУязвимости → CVE-2025-44957
8.5высокая

CVE-2025-44957

Описание

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.

Затрагиваемое ПО
Commscope Ruckus smartzone firmwareCommscope Ruckus virtual smartzoneCommscope Ruckus virtual smartzone-federalCommscope Ruckus c110Commscope Ruckus e510Commscope Ruckus h320Commscope Ruckus h350Commscope Ruckus h510Commscope Ruckus m510Commscope Ruckus r320Commscope Ruckus r510Commscope Ruckus r560Commscope Ruckus r610Commscope Ruckus r710Commscope Ruckus r720Commscope Ruckus r730Commscope Ruckus r750Commscope Ruckus smartzone 100Commscope Ruckus smartzone 100-dCommscope Ruckus smartzone 144Commscope Ruckus smartzone 144-federalCommscope Ruckus smartzone 300Commscope Ruckus smartzone 300-federalCommscope Ruckus t310cCommscope Ruckus t310d
CVSS
Балл8.5 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://claroty.com/team82/disclosure-dashboard/cve-2025-44957https://kb.cert.org/vuls/id/613753https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24ehttps://www.kb.cert.org/vuls/id/613753