
CISA warns of critical Ruckus bug used to infect Wi-Fi access points

  • May 12, 2023
  • 1 reply
  • 10 views

Jasper_The_Rasper
Moderator

May 12, 2023 By Sergiu Gatlan

 


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the Ruckus Wireless Admin panel actively exploited by a recently discovered DDoS botnet.

While this security bug (CVE-2023-25717) was addressed in early February, many owners are likely yet to patch their Wi-Fi access points. Furthermore, no patch is available for those who own end-of-life models affected by this issue.

Attackers are abusing the bug to infect vulnerable Wi-Fi APs with AndoryuBot malware (first spotted in February 2023) via unauthenticated HTTP GET requests.

 

>> Full Article <<

1 reply

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability affecting Wi-Fi access points made by Ruckus. The vulnerability, known as CVE-2021-22878, could allow attackers to take control of affected devices, potentially leading to unauthorized access to sensitive data or network resources.

According to CISA, the vulnerability is being actively exploited in the wild, with threat actors using it to infect Ruckus access points with malware. The agency recommends that organizations using Ruckus access points update their firmware as soon as possible to patch the vulnerability and prevent further exploitation.

