Solved: RUCKUS Forums - Re: zd1000 渗透问题解决

lanwei · ‎07-30-2025

您好！

我这几天做了渗透，发现ZD1000有些漏洞，我希望得到您们支持支持

问题1“关闭FTP明文认证”

问题2“禁用 SSLv2、SSLv3 和 TLS 1.0。启用 TLS 1.2”

问题3“禁用 TLS 配置中的任何弱 HMAC 算法”

因为比较着急，还请尽快答复！

谢谢

ms264556 · ‎07-31-2025

Oh, that's much easier. Assuming your APs are all compatible, just upgrade to the latest 10.5.1 release. It disables all of the insecure protocols.

View solution in original post

ms264556 · ‎07-30-2025

Ruckus hasn't sold the ZD1000 since 2012, and stopped updating the software in 2013.

All of your vulnerabilities are things which were normal in 2013 products.

I have a page here where you can enter the APs you are running & see the latest compatible controllers.

But probably you would need to replace all of your APs to run something modern enough to close those findings.

lanwei · ‎07-30-2025

Thank you
Based on your answer, I can conclude that these issues cannot be resolved on this ZD1000, right?
If the issue is resolved, do I need to replace the AP or AC, or do I need to replace both AC and AP?
Is it possible to upgrade the current AC firmware to solve this problem?
Thank you

lanwei · ‎07-31-2025

对不起，刚发现我的写有问题

我的型号是ZD1200

问题是同样的。