A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.
References
| Link | Resource |
|---|---|
| https://jvn.jp/en/jp/JVN45891816/ | Third Party Advisory |
| https://support.ruckuswireless.com/security_bulletins/323 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
Configuration 20 (hide)
| AND |
|
Configuration 21 (hide)
| AND |
|
Configuration 22 (hide)
| AND |
|
Configuration 23 (hide)
| AND |
|
Configuration 24 (hide)
| AND |
|
Configuration 25 (hide)
| AND |
|
Configuration 26 (hide)
| AND |
|
Configuration 27 (hide)
| AND |
|
Configuration 28 (hide)
| AND |
|
Configuration 29 (hide)
| AND |
|
Configuration 30 (hide)
| AND |
|
Configuration 31 (hide)
| AND |
|
Configuration 32 (hide)
| AND |
|
Configuration 33 (hide)
| AND |
|
Configuration 34 (hide)
| AND |
|
Configuration 35 (hide)
| AND |
|
Configuration 36 (hide)
| AND |
|
Configuration 37 (hide)
| AND |
|
Configuration 38 (hide)
| AND |
|
History
12 Dec 2023, 17:04
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
| First Time |
Ruckuswireless r510
Ruckuswireless e510 Ruckuswireless h320 Firmware Ruckuswireless t350d Ruckuswireless t350d Firmware Ruckuswireless t305 Ruckuswireless r760 Firmware Ruckuswireless r730 Firmware Ruckuswireless t610 Firmware Ruckuswireless t310n Firmware Ruckuswireless t750se Ruckuswireless h320 Ruckuswireless t310d Firmware Ruckuswireless r850 Ruckuswireless zonedirector Ruckuswireless r720 Ruckuswireless r560 Ruckuswireless t750se Firmware Ruckuswireless r750 Firmware Ruckuswireless r850 Firmware Ruckuswireless t350c Ruckuswireless r720 Firmware Ruckuswireless t610s Firmware Ruckuswireless r550 Ruckuswireless r610 Firmware Ruckuswireless Ruckuswireless h550 Ruckuswireless t350c Firmware Ruckuswireless r560 Firmware Ruckuswireless t750 Ruckuswireless r610 Ruckuswireless r550 Firmware Ruckuswireless t305 Firmware Ruckuswireless m510 Ruckuswireless t710 Firmware Ruckuswireless r310 Ruckuswireless zonedirector Firmware Ruckuswireless c110 Firmware Ruckuswireless t610s Ruckuswireless m510 Firmware Ruckuswireless smartzone Firmware Ruckuswireless h350 Firmware Ruckuswireless e510 Firmware Ruckuswireless t310c Firmware Ruckuswireless r350 Ruckuswireless t310s Ruckuswireless h350 Ruckuswireless t710 Ruckuswireless c110 Ruckuswireless t710s Ruckuswireless r650 Firmware Ruckuswireless h510 Firmware Ruckuswireless t610 Ruckuswireless r320 Ruckuswireless r510 Firmware Ruckuswireless r320 Firmware Ruckuswireless t710s Firmware Ruckuswireless t350se Firmware Ruckuswireless r350 Firmware Ruckuswireless t750 Firmware Ruckuswireless t310n Ruckuswireless r310 Firmware Ruckuswireless r710 Firmware Ruckuswireless r730 Ruckuswireless smartzone Ruckuswireless t350se Ruckuswireless t310s Firmware Ruckuswireless t310d Ruckuswireless t310c Ruckuswireless h510 Ruckuswireless r760 Ruckuswireless r750 Ruckuswireless h550 Firmware Ruckuswireless r710 Ruckuswireless r650 |
|
| References | () https://support.ruckuswireless.com/security_bulletins/323 - Patch, Vendor Advisory | |
| References | () https://jvn.jp/en/jp/JVN45891816/ - Third Party Advisory | |
| CWE | CWE-79 | |
| CPE | cpe:2.3:o:ruckuswireless:t750_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t610s:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t610_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t350d:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t750se_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t350c:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r560_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r850_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:smartzone_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:h550_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:zonedirector:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r320_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r560:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t305_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t710_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r550_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t350d_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r730_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r720_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t350c_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t305:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t310d_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r750_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r310:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:h550:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r650_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r710_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:e510_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t710s_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t350se:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t310s_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:zonedirector_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t310n_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t610s_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:smartzone:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t350se_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r760:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:h510_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r610_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r350_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:h320_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:t310c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:h350_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:h350:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r310_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:m510_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:c110_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r510_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:r350:*:*:*:*:*:*:*:* cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:* cpe:2.3:o:ruckuswireless:r760_firmware:*:*:*:*:*:*:*:* |
07 Dec 2023, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-07 07:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-49225
Mitre link : CVE-2023-49225
CVE.ORG link : CVE-2023-49225
JSON object : View
Products Affected
ruckuswireless
- r320_firmware
- e510
- r730
- e510_firmware
- c110_firmware
- h510_firmware
- m510
- h320
- r610
- r750
- t750se
- h350
- r710
- t610s
- h550_firmware
- r350_firmware
- m510_firmware
- r750_firmware
- t710s
- t350d_firmware
- r310_firmware
- t350se_firmware
- smartzone
- t310c_firmware
- t750se_firmware
- zonedirector
- r610_firmware
- r560_firmware
- t610
- t710_firmware
- t310c
- t610s_firmware
- r730_firmware
- c110
- t710
- r550
- t310s
- r850
- t350d
- t305
- r550_firmware
- r720
- zonedirector_firmware
- h320_firmware
- r720_firmware
- t310d_firmware
- r510_firmware
- r650_firmware
- r650
- h510
- t310s_firmware
- r310
- r760
- t610_firmware
- smartzone_firmware
- r560
- h350_firmware
- t710s_firmware
- t750
- r510
- t310n
- h550
- t350c_firmware
- r760_firmware
- t310d
- t350c
- t750_firmware
- r320
- r350
- t310n_firmware
- r710_firmware
- t350se
- r850_firmware
- t305_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')