emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
https://www.ruckuswireless.com/security/299/view/txt
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html