This is an important security announcement.
A critical vulnerability was found in the web services component in earlier RUCKUS AP software. If the
affected web services component is enabled on the AP, this vulnerability allows an attacker to perform
remote code execution (RCE) and cross-site request forgery (CSRF).
A security bulletin was posted by RUCKUS Networks Security team on 8th Feb 2023. Please refer the same from the below link.
You can also refer our Technical Support Response Center page from the below link. It has more information.
Please be informed, all the impacted devices were already fixed long back. However, if you are running your RUCKUS APs on an impacted version, please refer our Technical Support Response Center page and upgrade your controller/APs to the recommended versions.
While you check and plan to upgrade your devices, we strongly recommend you to implement the workaround first, as this will immediately block the possibility of this security vulnerability.
Workaround: This vulnerability can be mitigated by disabling the web services (HTTP and HTTPS) on the AP. This can be done by using the AP CLI command "set https disable" and "set http disable" command.
Note: For ZoneDirector and SmartZone APs, the web services components are disabled by default, once AP joins the controller.
Some quick facts:
If you got any queries, please use the comment section on this thread.
Is there a way to verify if our APs that are inside of vSZ have in fact gotten the HTTPS GUI turned off ? I've come into this infra long after they were installed and would like to have certainties that this feature is turned off on all AP's
@Jakezxz1 By default all the AP's connecting to vSZ will get HTTP/HTTPS disabled
You can confirm the same by logging to AP CLI (SSH) and execute the below commands,
"get http" and "get https", this will provide you the status of GUI
Also, you ca try picking any random AP and try accessing the AP using a browser.
When I run get https on my APs I get this:
HTTPs access is enabled
But the service is off, it is turned off to save memory once AP is managed by SCG!
If you need the service, please enable again by command "set https/http enable"!
does that mean it's vulnerable or not?