Security researchers have discovered three serious remote code execution vulnerabilities in the Ruckus wireless routers that can be used by hackers to bypass the router and remotely control.
It is understood that these vulnerabilities were discovered in a web-based interface. Through these vulnerabilities, hackers can gain root user access on the router, use the router without a password, and take complete control of the Internet. But researchers said that it would be very difficult to fully exploit these vulnerabilities because three vulnerabilities need to be coordinated.
By controlling the router, an attacker can monitor unencrypted traffic on the corporate network, then redirect users to websites containing malware, and use phishing attacks to steal sensitive information such as usernames and passwords.
Ruckus Wireless is a Silicon Valley-based mobile network wireless system provider. The company targets global mobile operators, broadband service providers, and enterprise users. Sale and manufacture of various indoor and outdoor Smart Wi-Fi products. So far, the company has sold more than 2 million smart Wi-Fi systems worldwide.
Currently, the company has released patches to fix the vulnerabilities. It is strongly recommended that its customers update in a timely manner.