July 21, 2025

Ruckus Unleashed: Multiple vulnerabilities exploited

This blog post describes multiple vulnerabilities found in the firmware of Ruckus Unleashed and ZoneDirector. The vulnerabilities were found and reported to CommScope by René Ammerlaan, a guest writer for this blog post. I will take you through all the vulnerabilities and demonstrate how they can be exploited by an attacker.

July 4, 2019

Spring Security - insufficient cryptographic randomness

The `SecureRandomFactoryBean` class in Spring Security by Pivotal has a vulnerability in certain versions that could lead to the generation of predictable random values when a custom seed is supplied. This vulnerability could lead to predictable keys or tokens in applications that depend on cryptographically-secure randomness. Applications that use this class may need to evaluate if any predictable tokens were generated that should be revoked.

Menu