CVE Daily

CVE-2025-44957

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass ...

High CVSS 8.5

Overview

Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.

CWE: CWE-288 Published: 2025-08-04T17:15:29.730
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.5 (HIGH)
  • Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags