Ruckus Unleashed: Multiple vulnerabilities exploited This blog post describes multiple vulnerabilities found in the firmware of Ruckus Unleashed and ZoneDirector. The vulnerabilities were found and reported to CommScope by René Ammerlaan, a guest writer for this blog post. I will take you through all the vulnerabilities and demonstrate how they can be exploited by an attacker.

Today on our blog: a guest post from René Ammerlaan about multiple vulnerabilities he found in Ruckus Unleashed. The most impressive part was how he chained some of them together to go from access to the guest WiFi network to RCE on the controller itself!

sector7.computest.nl/post/2025-07...

What I noticed about Meshtastic is that you can create your own encrypted channels and the mesh can forward messages for you, even if they can’t read them.

But they forgot to add a MAC to the encryption protocol. It’s AES-CTR, so anyone who forwards your message can just arbitrarily change it!

Share the risk, share the exploit? 😂

On my way to Hamburg for #38c3! 😊

Boom! Daan Keuper (@daankeuper), Thijs Alkemade (@xnyhps), and Khaled Nassar (@notkmhn) from Computest Sector 7 (@sector7_nl) took no time in executing their SOHO smashup - going from the QNAP QHora-322 to the TrueNAS Mini X. TThey're off to the disclosure room. #Pwn2Own