CVE-2025-63735

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

reflected Cross site scripting (XSS) vulnerability in Ruckus Unleashed 200.13.6.1.319 via the name parameter to the the captive-portal endpoint selfguestpass/guestAccessSubmit.jsp.

References

Link	Resource
https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS	Exploit Third Party Advisory
https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:ruckuswireless:ruckus_unleashed:200.13.6.1.319:*:*:*:*:*:*:*

History

09 Jan 2026, 02:22

Type	Values Removed	Values Added
CPE	cpe:2.3:h:ruckusnetworks:unleashed_r670:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r770:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r850:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r850_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350d:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r650_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_h350:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350d_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350se:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750se_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r770_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670sn_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r370_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750se:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350se_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_h550:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r550:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h350_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350c:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r370:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r650:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r550_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350e:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h550_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670sn:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r670_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r750:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350c_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350e_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r750_firmware:200.13.6.1.319:::::::*	cpe:2.3:a:ruckuswireless:ruckus_unleashed:200.13.6.1.319:::::::*
First Time		Ruckuswireless Ruckuswireless ruckus Unleashed

30 Dec 2025, 16:35

Type	Values Removed	Values Added
First Time		Ruckusnetworks unleashed R350e Firmware Ruckusnetworks unleashed R850 Ruckusnetworks unleashed R770 Firmware Ruckusnetworks unleashed R370 Firmware Ruckusnetworks unleashed H350 Firmware Ruckusnetworks unleashed R750 Ruckusnetworks unleashed H350 Ruckusnetworks unleashed T350se Firmware Ruckusnetworks unleashed T670 Firmware Ruckusnetworks unleashed T350c Ruckusnetworks unleashed R350e Ruckusnetworks unleashed T670sn Firmware Ruckusnetworks unleashed R670 Ruckusnetworks unleashed R370 Ruckusnetworks unleashed R550 Ruckusnetworks unleashed T750se Ruckusnetworks unleashed R550 Firmware Ruckusnetworks Ruckusnetworks unleashed H550 Firmware Ruckusnetworks unleashed T350se Ruckusnetworks unleashed T750 Firmware Ruckusnetworks unleashed T350d Ruckusnetworks unleashed T350d Firmware Ruckusnetworks unleashed T670 Ruckusnetworks unleashed R670 Firmware Ruckusnetworks unleashed H550 Ruckusnetworks unleashed R650 Ruckusnetworks unleashed R350 Firmware Ruckusnetworks unleashed R650 Firmware Ruckusnetworks unleashed R750 Firmware Ruckusnetworks unleashed T750se Firmware Ruckusnetworks unleashed T750 Ruckusnetworks unleashed R770 Ruckusnetworks unleashed T350c Firmware Ruckusnetworks unleashed R350 Ruckusnetworks unleashed R850 Firmware Ruckusnetworks unleashed T670sn
References	~~() https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS -~~	() https://github.com/huthx/CVE-2025-63735-Ruckus-Unleashed-Reflected-XSS - Exploit, Third Party Advisory
References	~~() https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/ -~~	() https://www.ruckusnetworks.com/products/network-control-and-management/controller-less/ - Product
CPE		cpe:2.3:h:ruckusnetworks:unleashed_r670:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r770:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r850:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r850_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350d:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r650_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_h350:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350d_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350se:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t750se_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r770_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670sn_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r370_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750se:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350se_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_h550:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r550:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h350_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t350c:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r370:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r650:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r550_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t670_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350e:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t750:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_h550_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r350:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670sn:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r670_firmware:200.13.6.1.319:::::::* cpe:2.3:h:ruckusnetworks:unleashed_r750:-:::::::* cpe:2.3:h:ruckusnetworks:unleashed_t670:-:::::::* cpe:2.3:o:ruckusnetworks:unleashed_t350c_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r350e_firmware:200.13.6.1.319:::::::* cpe:2.3:o:ruckusnetworks:unleashed_r750_firmware:200.13.6.1.319:::::::*

26 Nov 2025, 15:15

Type	Values Removed	Values Added
CWE		CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1

25 Nov 2025, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-25 22:15

Updated : 2026-01-09 02:22

NVD link : CVE-2025-63735

Mitre link : CVE-2025-63735

CVE.ORG link : CVE-2025-63735

JSON object : View

Products Affected

ruckuswireless

ruckus_unleashed

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1 /10