Vulnerability Details CVE-2025-46120
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a remote unauthenticated attacker who can upload a template (e.g., via FTP) to escalate privileges and run arbitrary template code on the controller.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.8%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-46120
- cpe:2.3:a:ruckuswireless:ruckus_unleashed:*
- cpe:2.3:a:ruckuswireless:ruckus_zonedirector:*
- cpe:2.3:h:commscope:ruckus_c110:-
- cpe:2.3:h:commscope:ruckus_e510:-
- cpe:2.3:h:commscope:ruckus_h320:-
- cpe:2.3:h:commscope:ruckus_h350:-
- cpe:2.3:h:commscope:ruckus_h510:-
- cpe:2.3:h:commscope:ruckus_h550:-
- cpe:2.3:h:commscope:ruckus_m510-jp:-
- cpe:2.3:h:commscope:ruckus_m510:-
- cpe:2.3:h:commscope:ruckus_r310:-
- cpe:2.3:h:commscope:ruckus_r320:-
- cpe:2.3:h:commscope:ruckus_r350:-
- cpe:2.3:h:commscope:ruckus_r350e:-
- cpe:2.3:h:commscope:ruckus_r510:-
- cpe:2.3:h:commscope:ruckus_r550:-
- cpe:2.3:h:commscope:ruckus_r560:-
- cpe:2.3:h:commscope:ruckus_r610:-
- cpe:2.3:h:commscope:ruckus_r650:-
- cpe:2.3:h:commscope:ruckus_r670:-
- cpe:2.3:h:commscope:ruckus_r710:-
- cpe:2.3:h:commscope:ruckus_r720:-
- cpe:2.3:h:commscope:ruckus_r730:-
- cpe:2.3:h:commscope:ruckus_r750:-
- cpe:2.3:h:commscope:ruckus_r760:-
- cpe:2.3:h:commscope:ruckus_r770:-
- cpe:2.3:h:commscope:ruckus_r850:-
- cpe:2.3:h:commscope:ruckus_t310c:-
- cpe:2.3:h:commscope:ruckus_t310n:-
- cpe:2.3:h:commscope:ruckus_t310s:-
- cpe:2.3:h:commscope:ruckus_t350c:-
- cpe:2.3:h:commscope:ruckus_t350d:-
- cpe:2.3:h:commscope:ruckus_t350se:-
- cpe:2.3:h:commscope:ruckus_t610:-
- cpe:2.3:h:commscope:ruckus_t670:-
- cpe:2.3:h:commscope:ruckus_t710:-
- cpe:2.3:h:commscope:ruckus_t710s:-
- cpe:2.3:h:commscope:ruckus_t750:-
- cpe:2.3:h:commscope:ruckus_t750se:-
- cpe:2.3:h:commscope:ruckus_t811-cm:-
- cpe:2.3:h:commscope:ruckus_t811-cm_(non-sfp):-
- cpe:2.3:h:commscope:zonedirector_1200:-