Commscope Security Vulnerabilities (CVEs)

Track 19 security vulnerabilities affecting Commscope products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

12 Critical

6 High

1 Medium

Sort by:

🔔 Get Alerts for Commscope

CVE-2025-44960 8.5

CVE-2025-44960 is an OS command injection vulnerability in RUCKUS SmartZone (SZ) network management software. Attackers can execute arbitrary commands...

Aug 4, 2025

CVE-2025-44961 9.9

This vulnerability allows authenticated users to execute arbitrary operating system commands by injecting malicious input into an IP address field in ...

Aug 4, 2025

CVE-2025-44963 9.0

CVE-2025-44963 allows attackers to forge administrator JSON Web Tokens (JWTs) in RUCKUS Network Director (RND) by exploiting a hardcoded secret key. T...

Aug 4, 2025

CVE-2025-44954 9.0

RUCKUS SmartZone network controllers before version 6.1.2p3 Refresh Build contain a hardcoded SSH private key for a root-equivalent account, allowing ...

Aug 4, 2025

CVE-2025-44958 5.3

RUCKUS Network Director (RND) versions before 4.5 store passwords in a recoverable format instead of using secure hashing. This vulnerability allows a...

Aug 4, 2025

CVE-2025-44955 8.8

CVE-2025-44955 is a privilege escalation vulnerability in RUCKUS Network Director (RND) where jailed users can gain root access using a weak, hardcode...

Aug 4, 2025

CVE-2023-45992 9.6

This vulnerability allows remote unauthenticated attackers to execute persistent cross-site scripting (XSS) and cross-site request forgery (CSRF) atta...

Oct 19, 2023

CVE-2022-45701 8.8

This vulnerability allows remote attackers to execute arbitrary code on Arris TG2482A routers via the ping utility feature. Attackers can gain full co...

Feb 17, 2023

CVE-2022-26997 9.8

CVE-2022-26997 is a critical command injection vulnerability in Arris TR3300 routers that allows attackers to execute arbitrary system commands via th...

Mar 15, 2022

CVE-2022-26999 9.8

The Arris TR3300 router contains a command injection vulnerability in its static IP configuration function. Attackers can execute arbitrary system com...

Mar 15, 2022

CVE-2022-27001 9.8

CVE-2022-27001 is a critical command injection vulnerability in Arris TR3300 routers that allows attackers to execute arbitrary system commands via th...

Mar 15, 2022

CVE-2022-26995 9.8

CVE-2022-26995 is a critical command injection vulnerability in Arris TR3300 routers that allows attackers to execute arbitrary system commands via cr...

Mar 15, 2022

CVE-2021-41552 8.8

This vulnerability allows remote attackers to execute arbitrary commands on CommScope SURFboard SBG6950AC2 devices via command injection. It affects u...

Feb 15, 2022

CVE-2021-20120 8.8

This CVE describes a cross-site request forgery (CSRF) vulnerability in the Arris Surfboard SB8200 cable modem administration interface. Attackers can...

Oct 21, 2021

CVE-2021-33218 9.8

CVE-2021-33218 is a critical vulnerability in CommScope Ruckus IoT Controller where hard-coded system passwords allow attackers to gain shell access. ...

Jul 7, 2021

CVE-2021-33220 7.8

CommScope Ruckus IoT Controller versions 1.7.1.0 and earlier contain hard-coded API keys that cannot be changed. This allows attackers to bypass authe...

Jul 7, 2021

CVE-2021-33221 9.8

CVE-2021-33221 exposes unauthenticated API endpoints in CommScope Ruckus IoT Controller versions 1.7.1.0 and earlier, allowing attackers to bypass aut...

Jul 7, 2021

CVE-2021-33216 9.8

CVE-2021-33216 is a critical backdoor vulnerability in CommScope Ruckus IoT Controller that allows attackers to gain shell access via an undocumented ...

Jul 7, 2021

CVE-2020-26879 9.8

CVE-2020-26879 is a critical authentication bypass vulnerability in Ruckus vRioT software where a hardcoded backdoor token allows unauthenticated API ...

Oct 26, 2020

Why Monitor Commscope Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 19+ known vulnerabilities affecting Commscope products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Commscope packages in under 60 seconds. No agents required - completely agentless scanning that works across Commscope deployments.

Free vulnerability database: Access detailed information about every Commscope CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Commscope CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Commscope CVEs Free