CVE-2021-4474

MEDIUM

4.9

Description

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive information including configuration files, credentials, and system data stored on the device.

Details CVE

Score CVSS v3.14.9

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisHIGH

Interaction utilisateurNONE

Publie3/26/2026

Derniere modification3/30/2026

Sourcenvd

Observations honeypot0

Faiblesses (CWE)

CWE-552

References

https://support.ruckuswireless.com/security_bulletins/306(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/ruckus-ap-cli-arbitrary-file-read-allows-authenticated-remote-file-access(disclosure@vulncheck.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.