CVE-2023-7338 PUBLISHED

Ruckus Unleashed Authenticated RCE in Gateway Mode

Assigner: VulnCheck
Reserved: 23.03.2026 Published: 26.03.2026 Updated: 26.03.2026

Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 7.7

Product Status

Vendor Ruckus Networks
Product RUCKUS H350
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS H550
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS R350
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS R550
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS R650
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS R750
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS R850
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS T350c
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS T350d
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS T350se
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS T750
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS T750SE
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product RUCKUS Unleashed
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus C110
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus E510
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus H320
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus H510
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus M510-JP
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus R320
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus R510
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus R610
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus R710
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus R720
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T310c
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T310d
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T310n
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T310s
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T610
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T710
Versions Default: affected
  • Version unknown is affected
Vendor Ruckus Networks
Product Ruckus T710s
Versions Default: affected
  • Version unknown is affected

References

Problem Types

  • Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) CWE