CVE-2023-7338
Remote Code Execution in Ruckus Unleashed Management Interface
Publication date: 2026-03-26
Last updated on: 2026-03-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ruckus_wireless | ruckus_unleashed | From 6.1.2 (inc) to 7.1.1 (inc) |
| ruckus_wireless | ruckus_h350 | * |
| ruckus_wireless | ruckus_h550 | * |
| ruckus_wireless | ruckus_r350 | * |
| ruckus_wireless | ruckus_r550 | * |
| ruckus_wireless | ruckus_r650 | * |
| ruckus_wireless | ruckus_r750 | * |
| ruckus_wireless | ruckus_r850 | * |
| ruckus_wireless | ruckus_t350c | * |
| ruckus_wireless | ruckus_t350d | * |
| ruckus_wireless | ruckus_t350se | * |
| ruckus_wireless | ruckus_t750 | * |
| ruckus_wireless | ruckus_t750se | * |
| ruckus_wireless | ruckus_c110 | * |
| ruckus_wireless | ruckus_e510 | * |
| ruckus_wireless | ruckus_h320 | * |
| ruckus_wireless | ruckus_h510 | * |
| ruckus_wireless | ruckus_m510-jp | * |
| ruckus_wireless | ruckus_r320 | * |
| ruckus_wireless | ruckus_r510 | * |
| ruckus_wireless | ruckus_r610 | * |
| ruckus_wireless | ruckus_r710 | * |
| ruckus_wireless | ruckus_r720 | * |
| ruckus_wireless | ruckus_t310c | * |
| ruckus_wireless | ruckus_t310d | * |
| ruckus_wireless | ruckus_t310n | * |
| ruckus_wireless | ruckus_t310s | * |
| ruckus_wireless | ruckus_t610 | * |
| ruckus_wireless | ruckus_t710 | * |
| ruckus_wireless | ruckus_t710s | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-7338 is a remote code execution vulnerability found in the web-based management interface of Ruckus Unleashed devices. This flaw allows an authenticated remote attacker to execute arbitrary code on the affected system when the device is operating in gateway mode. The attacker exploits this vulnerability by sending specially crafted requests through the management interface, which leads to the execution of unauthorized commands on the device.
The vulnerability affects multiple Ruckus products, including various Wi-Fi 6 access points and wireless hubs, such as the H350, H550, R350, R550, R650, R750, R850, and several T-series models. These devices support advanced wireless features and are commonly used in residential and small business networks.
How can this vulnerability impact me? :
This vulnerability can have serious impacts because it allows an authenticated attacker to remotely execute arbitrary code on the affected device. This means the attacker could potentially take full control of the device, leading to compromise of the network managed by it.
- Unauthorized control over the device and its functions.
- Potential disruption of network services and availability.
- Exposure of sensitive data due to compromised device confidentiality.
- Integrity of network operations could be undermined by malicious commands.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects Ruckus Unleashed devices operating in gateway mode and can be exploited via the web-based management interface by authenticated users sending specially crafted requests.
To detect this vulnerability on your network or system, you should first identify if any Ruckus Unleashed or affected Ruckus devices (such as H350, H550, R350, R550, R650, R750, R850, T350c/d/se, T750/SE, and others) are operating in gateway mode.
Since the vulnerability requires authenticated access and specially crafted requests, detection can involve monitoring for unusual or unauthorized access attempts to the web management interface, especially requests that attempt command injection.
Specific commands or tools to detect this vulnerability are not provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the relevant patches or updates provided by Ruckus Wireless as detailed in their Security Bulletin 20230731.
Additionally, if possible, disable gateway mode on affected devices until patches can be applied, as the vulnerability specifically arises when gateway mode is enabled.
Restrict access to the web-based management interface to trusted administrators only and enforce strong authentication controls to reduce the risk of exploitation.