Known Vulnerabilities for products from Commscope
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Commscope".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Commscope can be found at device.report : Commscope
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-67305 json | In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys ... | Not Provided | 2026-02-19 | 2026-04-03 |
| CVE-2025-67304 json | In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL datab... | Not Provided | 2026-02-19 | 2026-04-03 |
| CVE-2024-23618 json | 9.8 - CRITICAL | 2024-01-26 | 2024-01-31 | |
| CVE-2023-45992 json | A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allo... | 9.6 - CRITICAL | 2023-10-19 | 2023-10-31 |
| CVE-2023-27572 json | An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerabili... | 6.1 - MEDIUM | 2023-04-15 | 2023-04-21 |
| CVE-2023-27571 json | An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log f... | 5.3 - MEDIUM | 2023-04-15 | 2023-04-21 |
| CVE-2022-45701 json | Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. | 8.8 - HIGH | 2023-02-17 | 2023-02-27 |
| CVE-2022-27002 json | Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddn... | 9.8 - CRITICAL | 2022-03-15 | 2023-11-07 |
| CVE-2022-27001 json | Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname param... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-27000 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-26999 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the w... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-26998 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enro... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-26997 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parame... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-26996 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2022-26995 json | Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the... | 9.8 - CRITICAL | 2022-03-15 | 2023-08-08 |
| CVE-2021-41552 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-02-15 | 2022-02-23 |
| CVE-2021-36630 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-01-18 | 2023-01-31 |
| CVE-2021-33221 json | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints. | 9.8 - CRITICAL | 2021-07-07 | 2021-07-09 |
| CVE-2021-33220 json | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist. | 7.8 - HIGH | 2021-07-07 | 2021-07-09 |
| CVE-2021-33219 json | An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administ... | 9.8 - CRITICAL | 2021-07-07 | 2021-07-09 |
Known software with vulnerabilities from Commscope
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Commscope | Ruckus Zoneflex R500 Firmware | 3.4.2.0.384 |
| Hardware | Commscope | Tr4400 | - |
| Operating System | Commscope | Tr4400 Firmware | - |