CVE-2023-25717: Multiple Ruckus Wireless Products CSRF and RCE

Multiple Ruckus Wireless Products CSRF and RCE Vulnerability. Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.

• CISA KEV-listed (remediation due 2023-06-02)
• EPSS 94.2% (99.9% percentile)

Detection rules

• Potential CVE-2023-25717 Exploitation Attempt high

Browse the CVE database

Read the full analysis on IntelFusions