CVE-2021-4474

MEDIUM

4.9

Descripcion

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive information including configuration files, credentials, and system data stored on the device.

Detalles CVE

Puntuacion CVSS v3.14.9

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosHIGH

Interaccion usuarioNONE

Publicado3/26/2026

Ultima modificacion3/30/2026

Fuentenvd

Avistamientos honeypot0

Debilidades (CWE)

CWE-552

Referencias

https://support.ruckuswireless.com/security_bulletins/306(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/ruckus-ap-cli-arbitrary-file-read-allows-authenticated-remote-file-access(disclosure@vulncheck.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.