CVE-2025-44957

{"id": "CVE-2025-44957", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-08-04T17:15:29.730", "references": [{"url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44957", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://kb.cert.org/vuls/id/613753", "tags": ["Third Party Advisory", "US Government Resource"], "source": "[email protected]"}, {"url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.kb.cert.org/vuls/id/613753", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-288"}]}], "descriptions": [{"lang": "en", "value": "Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers."}, {"lang": "es", "value": "La compilaci\u00f3n de actualizaci\u00f3n de Ruckus SmartZone (SZ) anterior a la versi\u00f3n 6.1.2p3 permite omitir la autenticaci\u00f3n a trav\u00e9s de una clave API v\u00e1lida y encabezados HTTP manipulados."}], "lastModified": "2025-11-03T20:19:03.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44F784A1-3FFC-4D0D-AA1C-79FC658C3427", "versionEndExcluding": "6.1.2"}, {"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03388446-4CF1-44E7-B065-C2757F1FB268"}, {"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E24AB619-53C8-4D85-B7F4-3DD539CE4423"}, {"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C27F9A43-95AD-447E-AA4F-1E76AEC465B7"}, {"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A03C572-D1A0-4C4A-A57B-6A7272A656CA"}, {"criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "656A9814-B5F2-40C7-BC9E-E3F94873955E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4279B64A-E14F-4C35-833E-1BE754BA938A"}, {"criteria": "cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE5F3960-145C-4263-9758-7E8F23697728"}, {"criteria": "cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84B1EC30-ACC3-4141-A149-F2C912AEDC2B"}, {"criteria": "cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1CB277A-B51A-4EF6-9B60-26E42DB466A3"}, {"criteria": "cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4EDE59EC-811F-4A5E-A4DE-C3289D8A049A"}, {"criteria": "cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "37C8E333-5C44-44BB-842F-FCDA8D8D5831"}, {"criteria": "cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0CABADA0-2CC3-4218-BE64-7014F21166CD"}, {"criteria": "cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75F9B4E2-6E5B-4C96-A46F-06450BB81E68"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D165B27E-AA69-446F-916F-AF26E30510CA"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB605D38-A71B-44FF-909D-D34348491EA8"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E547E2A0-86E7-438C-9602-A2ECB247A84C"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3A5E2C5-E261-4FA6-AB5E-D651110C80CB"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22845768-F360-46EC-BB48-2A68A4B6A2C8"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "89E38958-2FEB-4945-81E0-522BD1136D26"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D8F47E7-791A-44E8-A62C-B4D0F4AF80BD"}, {"criteria": "cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A2A5668-2EDB-4E93-A4FA-88FCBCC057B1"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B47D9D0D-0FB1-4E47-9249-A82EC9581198"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C02B87AD-DEEA-4041-B5BC-CDF208208619"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E724D3AC-394D-4413-8CCE-AC288221A491"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C0CB514-5AA1-4051-8C0E-FF9B1279EC7D"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4AE1274-1D3E-4357-BA8D-073E37F56738"}, {"criteria": "cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D7A47BFA-B68B-475B-AB3B-5E5C083BC907"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0777F3E0-7F95-49B4-B488-5550FF922E9E"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07675BAE-5475-4F6C-9229-65BD92338F5B"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "23A4DF46-52A7-4F47-B9EB-8F3A1D0261DA"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD0D8BF0-5736-44F7-8B9C-6BDCF97FF5C9"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B4ED697-139A-4679-85D5-3992DEA8BB44"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29911530-47EC-4865-9965-72D101827F1A"}, {"criteria": "cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5C83392A-1656-473F-9F08-C3CC89FDF3FA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA45EF06-28C7-41D8-BBAC-671095FB29A5", "versionEndExcluding": "4.5.0.51"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}