CVE-2025-63735 - Vulnerability Details

A reflected Cross site scripting (XSS) vulnerability in Ruckus Unleashed 200.13.6.1.319 via the name parameter to the the captive-portal endpoint selfguestpass/guestAccessSubmit.jsp.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00034.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Ruckus Subscribe	Unleashed Subscribe
Ruckusnetworks Subscribe	Unleashed H350 Subscribe Unleashed H350 Firmware Subscribe Unleashed H550 Subscribe Unleashed H550 Firmware Subscribe Unleashed R350 Subscribe Unleashed R350 Firmware Subscribe Unleashed R350e Subscribe Unleashed R350e Firmware Subscribe Unleashed R370 Subscribe Unleashed R370 Firmware Subscribe Unleashed R550 Subscribe Unleashed R550 Firmware Subscribe Unleashed R650 Subscribe Unleashed R650 Firmware Subscribe Unleashed R670 Subscribe Unleashed R670 Firmware Subscribe Unleashed R750 Subscribe Unleashed R750 Firmware Subscribe Unleashed R770 Subscribe Unleashed R770 Firmware Subscribe Unleashed R850 Subscribe Unleashed R850 Firmware Subscribe Unleashed T350c Subscribe Unleashed T350c Firmware Subscribe Unleashed T350d Subscribe Unleashed T350d Firmware Subscribe Unleashed T350se Subscribe Unleashed T350se Firmware Subscribe Unleashed T670 Subscribe Unleashed T670 Firmware Subscribe Unleashed T670sn Subscribe Unleashed T670sn Firmware Subscribe Unleashed T750 Subscribe Unleashed T750 Firmware Subscribe Unleashed T750se Subscribe Unleashed T750se Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r770_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r770:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r670_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r670:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r370_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r370:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r850_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r850:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r750_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r750:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r650_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r650:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r550_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r550:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r350_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r350:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_r350e_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_r350e:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t670_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t670:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t670sn_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t670sn:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t750_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t750:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t750se_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t750se:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t350c_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t350c:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t350d_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t350d:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_t350se_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_t350se:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_h550_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_h550:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:ruckusnetworks:unleashed_h350_firmware:200.13.6.1.319:*:*:*:*:*:*:*

cpe:2.3:h:ruckusnetworks:unleashed_h350:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Ruckus Subscribe	Unleashed Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS
https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/

History

Tue, 30 Dec 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ruckusnetworks Ruckusnetworks unleashed H350 Ruckusnetworks unleashed H350 Firmware Ruckusnetworks unleashed H550 Ruckusnetworks unleashed H550 Firmware Ruckusnetworks unleashed R350 Ruckusnetworks unleashed R350 Firmware Ruckusnetworks unleashed R350e Ruckusnetworks unleashed R350e Firmware Ruckusnetworks unleashed R370 Ruckusnetworks unleashed R370 Firmware Ruckusnetworks unleashed R550 Ruckusnetworks unleashed R550 Firmware Ruckusnetworks unleashed R650 Ruckusnetworks unleashed R650 Firmware Ruckusnetworks unleashed R670 Ruckusnetworks unleashed R670 Firmware Ruckusnetworks unleashed R750 Ruckusnetworks unleashed R750 Firmware Ruckusnetworks unleashed R770 Ruckusnetworks unleashed R770 Firmware Ruckusnetworks unleashed R850 Ruckusnetworks unleashed R850 Firmware Ruckusnetworks unleashed T350c Ruckusnetworks unleashed T350c Firmware Ruckusnetworks unleashed T350d Ruckusnetworks unleashed T350d Firmware Ruckusnetworks unleashed T350se Ruckusnetworks unleashed T350se Firmware Ruckusnetworks unleashed T670 Ruckusnetworks unleashed T670 Firmware Ruckusnetworks unleashed T670sn Ruckusnetworks unleashed T670sn Firmware Ruckusnetworks unleashed T750 Ruckusnetworks unleashed T750 Firmware Ruckusnetworks unleashed T750se Ruckusnetworks unleashed T750se Firmware
CPEs		cpe:2.3:h:ruckusnetworks:unleashed_h350:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_h550:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350e:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r370:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r550:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r650:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r670:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r750:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r770:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r850:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350c:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350d:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350se:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670sn:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750se:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h350_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h550_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350e_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r370_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r550_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r650_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r670_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r750_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r770_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r850_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350c_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350d_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350se_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670sn_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750se_firmware:200.13.6.1.319:::::::*
Vendors & Products		Ruckusnetworks Ruckusnetworks unleashed H350 Ruckusnetworks unleashed H350 Firmware Ruckusnetworks unleashed H550 Ruckusnetworks unleashed H550 Firmware Ruckusnetworks unleashed R350 Ruckusnetworks unleashed R350 Firmware Ruckusnetworks unleashed R350e Ruckusnetworks unleashed R350e Firmware Ruckusnetworks unleashed R370 Ruckusnetworks unleashed R370 Firmware Ruckusnetworks unleashed R550 Ruckusnetworks unleashed R550 Firmware Ruckusnetworks unleashed R650 Ruckusnetworks unleashed R650 Firmware Ruckusnetworks unleashed R670 Ruckusnetworks unleashed R670 Firmware Ruckusnetworks unleashed R750 Ruckusnetworks unleashed R750 Firmware Ruckusnetworks unleashed R770 Ruckusnetworks unleashed R770 Firmware Ruckusnetworks unleashed R850 Ruckusnetworks unleashed R850 Firmware Ruckusnetworks unleashed T350c Ruckusnetworks unleashed T350c Firmware Ruckusnetworks unleashed T350d Ruckusnetworks unleashed T350d Firmware Ruckusnetworks unleashed T350se Ruckusnetworks unleashed T350se Firmware Ruckusnetworks unleashed T670 Ruckusnetworks unleashed T670 Firmware Ruckusnetworks unleashed T670sn Ruckusnetworks unleashed T670sn Firmware Ruckusnetworks unleashed T750 Ruckusnetworks unleashed T750 Firmware Ruckusnetworks unleashed T750se Ruckusnetworks unleashed T750se Firmware

Thu, 27 Nov 2025 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ruckus Ruckus unleashed
Vendors & Products		Ruckus Ruckus unleashed

Wed, 26 Nov 2025 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-79
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 25 Nov 2025 21:30:00 +0000

Type	Values Removed	Values Added
Description		A reflected Cross site scripting (XSS) vulnerability in Ruckus Unleashed 200.13.6.1.319 via the name parameter to the the captive-portal endpoint selfguestpass/guestAccessSubmit.jsp.
References		https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-11-25T00:00:00.000Z

Updated: 2025-11-26T14:49:35.101Z

Reserved: 2025-10-27T00:00:00.000Z

Link: CVE-2025-63735

Vulnrichment

Updated: 2025-11-26T14:49:30.415Z

NVD

Status : Analyzed

Published: 2025-11-25T22:15:47.860

Modified: 2025-12-30T16:35:33.290

Link: CVE-2025-63735

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-11-27T16:28:01Z

Weaknesses

CWE-79

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object