CISA warns of critical Ruckus bug used to infect Wi-Fi access points

1 year ago
May 12, 2023
1 reply
10 views

+54

Jasper_The_Rasper
Moderator
11508 replies

May 12, 2023 By Sergiu Gatlan

CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the Ruckus Wireless Admin panel actively exploited by a recently discovered DDoS botnet.

While this security bug (CVE-2023-25717) was addressed in early February, many owners are likely yet to patch their Wi-Fi access points. Furthermore, no patch is available for those who own end-of-life models affected by this issue.

Attackers are abusing the bug to infect vulnerable Wi-Fi APs with AndoryuBot malware (first spotted in February 2023) via unauthenticated HTTP GET requests.

>> Full Article <<

O

oliverdavid
New Member
3 replies
1 year ago
May 14, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability affecting Wi-Fi access points made by Ruckus. The vulnerability, known as CVE-2021-22878, could allow attackers to take control of affected devices, potentially leading to unauthorized access to sensitive data or network resources.

According to CISA, the vulnerability is being actively exploited in the wild, with threat actors using it to infect Ruckus access points with malware. The agency recommends that organizations using Ruckus access points update their firmware as soon as possible to patch the vulnerability and prevent further exploitation.

Reply

Related Topics

after install webroot , windows defender disable ! ( windows 10 64bit )icon

Problems with Windows 10 "Anniversary" updateicon

Windows 10 not updating. web says disable webroot start windows defender.icon

Spyware and Virus Protectionicon

Does Webroot Disable the Malware App in WinX Home?icon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded