CVE-2021-4474

MEDIUM

4.9

Beschreibung

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive information including configuration files, credentials, and system data stored on the device.

CVE Details

CVSS v3.1 Bewertung4.9

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht3/26/2026

Zuletzt geandert3/30/2026

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-552

Referenzen

https://support.ruckuswireless.com/security_bulletins/306(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/ruckus-ap-cli-arbitrary-file-read-allows-authenticated-remote-file-access(disclosure@vulncheck.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.