CISA warns of critical Ruckus bug used to infect Wi-Fi access points

1 year ago
May 12, 2023
1 reply
10 views

+54

Jasper_The_Rasper
Moderator
11509 replies

May 12, 2023 By Sergiu Gatlan

CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the Ruckus Wireless Admin panel actively exploited by a recently discovered DDoS botnet.

While this security bug (CVE-2023-25717) was addressed in early February, many owners are likely yet to patch their Wi-Fi access points. Furthermore, no patch is available for those who own end-of-life models affected by this issue.

Attackers are abusing the bug to infect vulnerable Wi-Fi APs with AndoryuBot malware (first spotted in February 2023) via unauthenticated HTTP GET requests.

>> Full Article <<

O

oliverdavid
New Member
3 replies
1 year ago
May 14, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability affecting Wi-Fi access points made by Ruckus. The vulnerability, known as CVE-2021-22878, could allow attackers to take control of affected devices, potentially leading to unauthorized access to sensitive data or network resources.

According to CISA, the vulnerability is being actively exploited in the wild, with threat actors using it to infect Ruckus access points with malware. The agency recommends that organizations using Ruckus access points update their firmware as soon as possible to patch the vulnerability and prevent further exploitation.

Reply

Related Topics

Webroot Mobile Security and Antivirus Android app - [UPDATE] Battery Usage Issue

33% battery usage for Webroot ???icon

Product Update: Android version 5.5.3

PER APP battery usage stats in WSA Complete Mobile and Android 9 killed by update 5.5.4.36995

Mobile app for Android SECURITY screen missing some optionsicon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded