May 10, 2023
Ruckus RCE vulnerability exploits in the wild
Following the critical vulnerability in Ruckus Wireless Admin panels that was fixed on February 8, 2023.
Exploitation of the vulnerability by a botnet named ‘AndoryuBot’ and remote code execution was observed.
The Critical Vulnerability
- CVE-2023-25717 (CVSS 3.1: 9.1, Critical) Vulnerability in Ruckus Wireless Admin panels , allowing remote attackers to perform code execution by sending unauthenticated HTTP GET requests to vulnerable devices.
- All Ruckus Wireless Admin panels version 10.4 and older.
CYREBRO those who use the vulnerable products to apply available patches in order to prevent botnet malware infection
References: SAP Advisory