Cyber Resilience

CVE-2023-7338

High · Public PoC · RCE

Published: 26 March 2026
Modified: 30 March 2026
KEV Added: not listed
Patch: see Ruckus Wireless Security Bulletin 320 (linked under Deeper analysis)
CVSS Score (v4): 7.7
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0034 (57.2nd percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-7338 is a high-severity OS Command Injection (CWE-78) vulnerability affecting Ruckuswireless products (vendor inferred from references). Its CVSS v4 base score is 7.7 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 42.8% of CVEs by exploit likelihood (EPSS), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2023-7338 is a remote code execution vulnerability in the web-based management interface of Ruckus Unleashed wireless access point controllers. The flaw, classified under CWE-78 (OS Command Injection), affects systems when gateway mode is enabled and has a CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). It allows authenticated remote attackers to execute arbitrary code on the affected system by sending specially crafted requests through the management interface.

Attackers need low privileges (for example, standard user access to the management interface) and network access to the target; attack complexity is rated high. Successful exploitation yields arbitrary code execution on the Ruckus Unleashed system, with high impact on confidentiality, integrity, and availability, without user interaction and without a scope change.

Mitigation details and patches are outlined in official advisories, including Ruckus Wireless Security Bulletin 320 at https://support.ruckuswireless.com/security_bulletins/320 and VulnCheck's analysis at https://www.vulncheck.com/advisories/ruckus-unleashed-authenticated-rce-in-gateway-mode. Security practitioners should consult these resources for version-specific remediation guidance.


Vulnerability details

Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems.

CWE(s): CWE-78 (OS Command Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct RCE via OS command injection in a web management interface enables exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-4631 (shared CWE-78)
CVE-2026-42062 (shared CWE-78)
CVE-2025-41709 (shared CWE-78)
CVE-2025-56819 (shared CWE-78)
CVE-2026-34176 (shared CWE-78)
CVE-2020-37125 (shared CWE-78)
CVE-2026-34387 (shared CWE-78)
CVE-2026-32968 (shared CWE-78)
CVE-2025-60803 (shared CWE-78)
CVE-2026-25111 (shared CWE-78)

Affected Assets

Ruckuswireless (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SI-2 Flaw Remediation (prevent): Directly eliminates the command injection vulnerability by requiring timely application of vendor patches for Ruckus Unleashed systems.

SI-10 Information Input Validation (prevent): Prevents exploitation of the OS command injection (CWE-78) flaw by validating and sanitizing specially crafted requests to the web management interface.

Network access restriction (prevent): Limits remote network access to the vulnerable web management interface, reducing the attack surface for authenticated attackers.
