PT-2021-20086 · Commscope · Commscope Ruckus Iot Controller
Jim Becher
+1
·
Published
2021-05-31
·
Updated
2025-04-16
·
CVE-2021-33216
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CommScope Ruckus IoT Controller versions 1.7.1.0 and earlier
Description
An issue exists in the CommScope Ruckus IoT Controller, where an undocumented backdoor allows shell access via a developer account. This backdoor enables unauthorized access, potentially leading to further exploitation.
Recommendations
For CommScope Ruckus IoT Controller versions 1.7.1.0 and earlier, as a temporary workaround, consider disabling developer account access until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Commscope Ruckus Iot Controller