1. Home
  2. CVE Database
  3. CVE-2025-46119
MEDIUM · 6.3

CVE-2025-46119

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management en...

Vulnerability Description

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management endpoint `/admin/_cmdstat.jsp` discloses the administrator password in a trivially reversible obfuscated form. The same obfuscation method persists in configuration prior to 200.18.7.1.302, allowing anyone who obtains the system configuration to recover the plaintext credentials.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
RuckuswirelessRuckus Unleashed< 200.15.6.212.14
RuckuswirelessRuckus Zonedirector< 10.5.1.0.279
CommscopeRuckus C110-
CommscopeRuckus E510-
CommscopeRuckus H320-
CommscopeRuckus H350-
CommscopeRuckus H510-
CommscopeRuckus H550-
CommscopeRuckus M510-
CommscopeRuckus M510-Jp-
CommscopeRuckus R310-
CommscopeRuckus R320-
CommscopeRuckus R350-
CommscopeRuckus R350E-
CommscopeRuckus R510-
CommscopeRuckus R550-
CommscopeRuckus R560-
CommscopeRuckus R610-
CommscopeRuckus R650-
CommscopeRuckus R670-

Related Weaknesses (CWE)

CWE-555

References

FAQ

What is CVE-2025-46119?

CVE-2025-46119 is a vulnerability with a CVSS score of 6.3 (MEDIUM). An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where an authenticated request to the management en...

How severe is CVE-2025-46119?

CVE-2025-46119 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-46119?

Check the references section above for vendor advisories and patch information. Affected products include: Ruckuswireless Ruckus Unleashed, Ruckuswireless Ruckus Zonedirector, Commscope Ruckus C110, Commscope Ruckus E510, Commscope Ruckus H320.