A vulnerability in Ruckus CloudPath 5.12 build 5538 or before could allows a remote unauthenticated attacker to obtain full administrator privileges by leveraging Stored Cross-Site Scripting and Cross-Site Request Forgery Vulnerability using a crafted script. On 16 Oct 2023, the vendor has published version 5.12 build 5550 which resolved the vulnerability.
Technical details of the vulnerability will be published in the future.
https://support.ruckuswireless.com/security_bulletins/322
https://www.cve.org/CVERecord?id=CVE-2023-45992