CVE-2023-25717 - Remote code execution
Original CVE data
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
Ruckuswireless - (3)
Common vulnerability metrics
Remote code execution
No exploit code is reported to exist.
Vulnerability is referenced under CISA's Known Exploited Vulnerabilities (KEV) catalog. See the KEV Catalog
Vulnerability is mentioned or trending in social media.
Vulnerability is being actively exploited by threat actors during campaigns.
How the vulnerability maps against various cybersecurity frameworks
How the submited vulnerability affects compliance
Web Application Security Frameworks
Applicable if the issue likely affects a web application