Report a potential issue:

The Ruckus Security Incident Response Policy

View customer-only security bulletins

Ruckus response to the WPA2 (KRACK) vulnerability:
Ruckus Wireless Support Resource Center

The Ruckus Product Security Team is responsible for researching, analyzing and responding to security incident reports related to Ruckus products. This team is the first point of contact for all security incident reports and works directly with Ruckus customers, security researchers, government organizations, consultants, industry security organizations, and other vendors to identify security issues with Ruckus products. This team is also responsible for publishing security advisories and communicating with outside entities regarding mitigation steps for addressing particular security issues with Ruckus products.

Reporting a Security Issue to Ruckus

Ruckus encourages individuals and organizations to report all Ruckus-related product related vulnerabilities and security issues directly to Ruckus via our email alias:

A link to the Ruckus Security Incident Response Policy is available here.

Please provide a detailed description of the issue along with sufficient information to reasonably enable Ruckus to reproduce the issue. Please also include a technical contact, list of Ruckus products affected and any other helpful information such as logs and console messages etc.

If you are a currently experiencing a network outage or need help configuring a security feature, please contact Ruckus via any of the contact methods listed on the Support Contact page.

Security Bulletins

IDTitleVersionRelease DateEdit DateFAQ
070815Logjam vulnerability against Diffie-Hellman Key Exchange with TLS Protocol - CVE-2015-02911July 8, 2015July 8, 2015
071216Vulnerabilities in OpenSSL and Related Updates - CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-21761July 12, 2016July 12, 2016
071715Packet Injection Vulnerability on 802.11n MAC Frame Aggregation1July 17, 2015July 17, 2015
072115X509_verify_cert function vulnerability in OpenSSL - CVE-2015-17931July 21, 2015July 21, 2015
072817Vulnerabilities updates for RC4(CVE-2013-2566, CVE-2015-2808), SWEET32 (CVE-2016-2183) and SSL certificate signed using weak hashing algorithm (CVE-2004-2761)1July 28, 2017July 28, 2017
080216Vulnerabilities in WebGUI Interface on Ruckus Unmanaged-APs1August 2, 2016August 2, 2016
081215SSH Login Vulnerability - CVE-2012-14931August 12, 2015August 12, 2015
081516Linux TCP Flaw - CVE-2016-56961August 15, 2016August 15, 2016
090315Vulnerabilities in OpenSSH Distributions - CVE-2015-5600, CVE-2015-6563, CVE-2015-65641September 3, 2015September 3, 2015
092914GNU Bash vulnerability - CVE-2014-6271 and CVE-2014-71692September 29, 2014October 8, 2014