Ruckus Unleashed Authenticated Remote Code Execution via CVE-2023-7338
CVE-2023-7338 is a remote code execution vulnerability affecting Ruckus Unleashed when gateway mode is enabled, allowing authenticated remote attackers to execute arbitrary code by sending specially crafted requests through the web-based management interface.
CVE-2023-7338 is a critical remote code execution (RCE) vulnerability found in Ruckus Unleashed, a Wi-Fi network management solution. The vulnerability resides within the web-based management interface and requires the affected system to be operating in gateway mode. An authenticated attacker can exploit this flaw by crafting and sending malicious requests to the management interface, resulting in arbitrary code execution on the device. This vulnerability was reported by VulnCheck and assigned…
Detection coverage 2
Detect Suspicious Ruckus Unleashed HTTP Requests
highDetects suspicious HTTP requests to Ruckus Unleashed web interface indicative of potential exploitation attempts of CVE-2023-7338
Detect Ruckus Unleashed OS Command Injection via CVE-2023-7338
criticalDetects possible OS command injection attempts against Ruckus Unleashed web interface.
Detection queries are kept inside the platform. Get full rules →
Indicators of compromise
1
1
url