CVE-2025-44961 - Vulnerability Details

In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Commscope	Ruckus C110 Ruckus E510 Ruckus H320 Ruckus H350 Ruckus H510 Ruckus M510 Ruckus Network Director Ruckus R320 Ruckus R510 Ruckus R560 Ruckus R610 Ruckus R710 Ruckus R720 Ruckus R730 Ruckus R750 Ruckus Smartzone 100 Ruckus Smartzone 100-d Ruckus Smartzone 144 Ruckus Smartzone 144-federal Ruckus Smartzone 300 Ruckus Smartzone 300-federal Ruckus Smartzone Firmware Ruckus T310c Ruckus T310d Ruckus T310n Ruckus T310s Ruckus T350se Ruckus T750 Ruckus T750se Ruckus Virtual Smartzone Ruckus Virtual Smartzone-federal

Configuration 1 [-]

AND

OR	cpe:2.3:o:commscope:ruckus_smartzone_firmware::::::::
	cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-::::::
	cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2::::::
	cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3::::::
	cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:::::::*
	cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:::::::*

OR	cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:::::::*
	cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:::::::*
	cpe:2.3:h:commscope:ruckus_c110:-:::::::*
	cpe:2.3:h:commscope:ruckus_e510:-:::::::*
	cpe:2.3:h:commscope:ruckus_h320:-:::::::*
	cpe:2.3:h:commscope:ruckus_h350:-:::::::*
	cpe:2.3:h:commscope:ruckus_h510:-:::::::*
	cpe:2.3:h:commscope:ruckus_m510:-:::::::*
	cpe:2.3:h:commscope:ruckus_r320:-:::::::*
	cpe:2.3:h:commscope:ruckus_r510:-:::::::*
	cpe:2.3:h:commscope:ruckus_r560:-:::::::*
	cpe:2.3:h:commscope:ruckus_r610:-:::::::*
	cpe:2.3:h:commscope:ruckus_r710:-:::::::*
	cpe:2.3:h:commscope:ruckus_r720:-:::::::*
	cpe:2.3:h:commscope:ruckus_r730:-:::::::*
	cpe:2.3:h:commscope:ruckus_r750:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_100:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_144:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_300:-:::::::*
	cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:::::::*
	cpe:2.3:h:commscope:ruckus_t310c:-:::::::*
	cpe:2.3:h:commscope:ruckus_t310d:-:::::::*
	cpe:2.3:h:commscope:ruckus_t310n:-:::::::*
	cpe:2.3:h:commscope:ruckus_t310s:-:::::::*
	cpe:2.3:h:commscope:ruckus_t350se:-:::::::*
	cpe:2.3:h:commscope:ruckus_t750:-:::::::*
	cpe:2.3:h:commscope:ruckus_t750se:-:::::::*

Configuration 2 [-]

cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://claroty.com/team82/disclosure-dashboard/cve-2025-44961
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e

History

Thu, 07 Aug 2025 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Commscope Commscope ruckus C110 Commscope ruckus E510 Commscope ruckus H320 Commscope ruckus H350 Commscope ruckus H510 Commscope ruckus M510 Commscope ruckus Network Director Commscope ruckus R320 Commscope ruckus R510 Commscope ruckus R560 Commscope ruckus R610 Commscope ruckus R710 Commscope ruckus R720 Commscope ruckus R730 Commscope ruckus R750 Commscope ruckus Smartzone 100 Commscope ruckus Smartzone 100-d Commscope ruckus Smartzone 144 Commscope ruckus Smartzone 144-federal Commscope ruckus Smartzone 300 Commscope ruckus Smartzone 300-federal Commscope ruckus Smartzone Firmware Commscope ruckus T310c Commscope ruckus T310d Commscope ruckus T310n Commscope ruckus T310s Commscope ruckus T350se Commscope ruckus T750 Commscope ruckus T750se Commscope ruckus Virtual Smartzone Commscope ruckus Virtual Smartzone-federal
CPEs		cpe:2.3:a:commscope:ruckus_network_director:::::::: cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:::::::* cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:::::::* cpe:2.3:h:commscope:ruckus_c110:-:::::::* cpe:2.3:h:commscope:ruckus_e510:-:::::::* cpe:2.3:h:commscope:ruckus_h320:-:::::::* cpe:2.3:h:commscope:ruckus_h350:-:::::::* cpe:2.3:h:commscope:ruckus_h510:-:::::::* cpe:2.3:h:commscope:ruckus_m510:-:::::::* cpe:2.3:h:commscope:ruckus_r320:-:::::::* cpe:2.3:h:commscope:ruckus_r510:-:::::::* cpe:2.3:h:commscope:ruckus_r560:-:::::::* cpe:2.3:h:commscope:ruckus_r610:-:::::::* cpe:2.3:h:commscope:ruckus_r710:-:::::::* cpe:2.3:h:commscope:ruckus_r720:-:::::::* cpe:2.3:h:commscope:ruckus_r730:-:::::::* cpe:2.3:h:commscope:ruckus_r750:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_100:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_144:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:::::::* cpe:2.3:h:commscope:ruckus_smartzone_300:-:::::::* cpe:2.3:h:commscope:ruckus_t310c:-:::::::* cpe:2.3:h:commscope:ruckus_t310d:-:::::::* cpe:2.3:h:commscope:ruckus_t310n:-:::::::* cpe:2.3:h:commscope:ruckus_t310s:-:::::::* cpe:2.3:h:commscope:ruckus_t350se:-:::::::* cpe:2.3:h:commscope:ruckus_t750:-:::::::* cpe:2.3:h:commscope:ruckus_t750se:-:::::::* cpe:2.3:o:commscope:ruckus_smartzone_firmware:::::::: cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:::::: cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:::::: cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:::::: cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:::::::* cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:::::::*
Vendors & Products		Commscope Commscope ruckus C110 Commscope ruckus E510 Commscope ruckus H320 Commscope ruckus H350 Commscope ruckus H510 Commscope ruckus M510 Commscope ruckus Network Director Commscope ruckus R320 Commscope ruckus R510 Commscope ruckus R560 Commscope ruckus R610 Commscope ruckus R710 Commscope ruckus R720 Commscope ruckus R730 Commscope ruckus R750 Commscope ruckus Smartzone 100 Commscope ruckus Smartzone 100-d Commscope ruckus Smartzone 144 Commscope ruckus Smartzone 144-federal Commscope ruckus Smartzone 300 Commscope ruckus Smartzone 300-federal Commscope ruckus Smartzone Firmware Commscope ruckus T310c Commscope ruckus T310d Commscope ruckus T310n Commscope ruckus T310s Commscope ruckus T350se Commscope ruckus T750 Commscope ruckus T750se Commscope ruckus Virtual Smartzone Commscope ruckus Virtual Smartzone-federal

Tue, 05 Aug 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 04 Aug 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
Weaknesses		CWE-78
References		https://claroty.com/team82/disclosure-dashboard/cve-2025-44961 https://kb.cert.org/vuls/id/613753 https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
Metrics		cvssV3_1 `{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-08-04T00:00:00.000Z

Updated: 2025-08-05T14:43:23.513Z

Reserved: 2025-04-22T00:00:00.000Z

Link: CVE-2025-44961

Vulnrichment

Updated: 2025-08-05T14:43:05.632Z

NVD

Status : Analyzed

Published: 2025-08-04T17:15:30.210

Modified: 2025-08-07T17:59:15.927

Link: CVE-2025-44961

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object