Vulnerability-Lookup - Search a vulnerability

CVE-2019-19836 (GCVE-0-2019-19836)

Vulnerability from cvelistv5

Published

2020-01-22 18:13

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T18:13:49",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19836",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19836",
    "datePublished": "2020-01-22T18:13:49",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19842 (GCVE-0-2019-19842)

Vulnerability from cvelistv5

Published

2020-01-22 20:31

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.669Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T20:31:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19842",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19842",
    "datePublished": "2020-01-22T20:31:11",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-49225 (GCVE-0-2023-49225)

Vulnerability from cvelistv5

Published

2023-12-07 06:22

Modified

2025-05-28 13:58

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

Cross-site scripting (XSS)

Summary

A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/323
	https://jvn.jp/en/jp/JVN45891816/

Impacted products

Vendor

Product

Version

▼

CommScope, Inc.

ZoneDirector

Version: 10.5.1 and earlier

CommScope, Inc.	SmartZone	Version: 6.1.1 and earlier
CommScope, Inc.	AP Solo R750	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R650	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R730	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T750	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R550	Version: 114.0.0.0.5585 and earlier
CommScope, Inc.	AP Solo R850	Version: 114.0.0.0.5585 and earlier
CommScope, Inc.	AP Solo T750SE	Version: 114.0.0.0.5585 and earlier
CommScope, Inc.	AP Solo R510	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T310D	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo E510	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo C110	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R320	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo H510	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo H320	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T310S	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T310N	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T310C	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T305	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo M510	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R720	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R710	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T710	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T710s	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T610	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo T610s	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R610	Version: 114.0.0.0.6565 and earlier
CommScope, Inc.	AP Solo R310	Version: 110.0.0.0.2014 and earlier
CommScope, Inc.	AP Solo R760	Version: 118.1.0.0.1274 and earlier
CommScope, Inc.	AP Solo R560	Version: 118.1.0.0.1908 and earlier
CommScope, Inc.	AP Solo H550	Version: 116.0.0.0.1506 and earlier
CommScope, Inc.	AP Solo H350	Version: 116.0.0.0.3128 and earlier
CommScope, Inc.	AP Solo T350c	Version: 116.0.0.0.1543 and earlier
CommScope, Inc.	AP Solo T350d	Version: 116.0.0.0.1543 and earlier
CommScope, Inc.	AP Solo T350se	Version: 116.0.0.0.3136 and earlier
CommScope, Inc.	AP Solo R350	Version: 116.0.0.0.1655 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:53:45.350Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/323"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN45891816/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-49225",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T13:53:26.065683Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-79",
                "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T13:58:41.326Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ZoneDirector",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "10.5.1 and earlier "
            }
          ]
        },
        {
          "product": "SmartZone",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "6.1.1 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R750",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R650",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R730",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T750",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R550",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.5585 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R850",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.5585 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T750SE",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.5585 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R510",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T310D",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo E510",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo C110",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R320",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo H510",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo H320",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T310S",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T310N",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T310C",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T305",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo M510",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R720",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R710",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T710",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T710s",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T610",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T610s",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R610",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "114.0.0.0.6565 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R310",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "110.0.0.0.2014 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R760",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "118.1.0.0.1274 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R560",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "118.1.0.0.1908 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo H550",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.1506 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo H350",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.3128 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T350c",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.1543 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T350d",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.1543 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo T350se",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.3136 and earlier "
            }
          ]
        },
        {
          "product": "AP Solo R350",
          "vendor": "CommScope, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "116.0.0.0.1655 and earlier "
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-07T06:22:32.328Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://support.ruckuswireless.com/security_bulletins/323"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN45891816/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-49225",
    "datePublished": "2023-12-07T06:22:32.328Z",
    "dateReserved": "2023-11-24T00:19:52.591Z",
    "dateUpdated": "2025-05-28T13:58:41.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19839 (GCVE-0-2019-19839)

Vulnerability from cvelistv5

Published

2020-01-23 13:42

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.697Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-23T13:42:32",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19839",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19839",
    "datePublished": "2020-01-23T13:42:32",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.697Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19835 (GCVE-0-2019-19835)

Vulnerability from cvelistv5

Published

2020-01-23 12:44

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.698Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-23T12:44:48",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19835",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19835",
    "datePublished": "2020-01-23T12:44:48",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25717 (GCVE-0-2023-25717)

Vulnerability from cvelistv5

Published

2023-02-13 00:00

Modified

2025-07-30 01:37

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

n/a

Summary

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/315
	https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:32:11.415Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/315"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25717",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T15:06:32.335785Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-05-12",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-25717"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:31.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2023-05-12T00:00:00+00:00",
            "value": "CVE-2023-25717 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin\u0026password=password$(curl substring."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-13T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://support.ruckuswireless.com/security_bulletins/315"
        },
        {
          "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-25717",
    "datePublished": "2023-02-13T00:00:00.000Z",
    "dateReserved": "2023-02-13T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:37:31.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-6229 (GCVE-0-2017-6229)

Vulnerability from cvelistv5

Published

2018-02-14 19:00

Modified

2024-09-16 23:55

Severity ?

CWE

Authenticated command injection in CLI interface of ZD/Unleashed software.

Summary

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.

References

▼	URL	Tags
	https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Brocade Communications Systems, Inc.	Ruckus Networks Unleashed APs and Zone Director	Version: Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:25:48.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruckus Networks Unleashed APs and Zone Director",
          "vendor": "Brocade Communications Systems, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
            }
          ]
        }
      ],
      "datePublic": "2018-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authenticated command injection in CLI interface of ZD/Unleashed software.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-14T18:57:02",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@brocade.com",
          "DATE_PUBLIC": "2018-02-09T00:00:00",
          "ID": "CVE-2017-6229",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruckus Networks Unleashed APs and Zone Director",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Brocade Communications Systems, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authenticated command injection in CLI interface of ZD/Unleashed software."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt",
              "refsource": "CONFIRM",
              "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2017-6229",
    "datePublished": "2018-02-14T19:00:00Z",
    "dateReserved": "2017-02-23T00:00:00",
    "dateUpdated": "2024-09-16T23:55:41.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13917 (GCVE-0-2020-13917)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13917",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13917",
    "datePublished": "2020-07-28T14:46:21",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13914 (GCVE-0-2020-13914)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13914",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13914",
    "datePublished": "2020-07-28T14:46:06",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13915 (GCVE-0-2020-13915)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.117Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13915",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13915",
    "datePublished": "2020-07-28T14:46:12",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19837 (GCVE-0-2019-19837)

Vulnerability from cvelistv5

Published

2020-01-23 12:26

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.835Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-23T12:26:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19837",
    "datePublished": "2020-01-23T12:26:59",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13913 (GCVE-0-2020-13913)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.243Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13913",
    "datePublished": "2020-07-28T14:46:02",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.243Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19843 (GCVE-0-2019-19843)

Vulnerability from cvelistv5

Published

2020-01-22 18:48

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.685Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T18:48:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19843",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19843",
    "datePublished": "2020-01-22T18:48:04",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13918 (GCVE-0-2020-13918)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.180Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:26",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13918",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13918",
    "datePublished": "2020-07-28T14:46:26",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13919 (GCVE-0-2020-13919)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13919",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13919",
    "datePublished": "2020-07-28T14:46:30",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.438Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19838 (GCVE-0-2019-19838)

Vulnerability from cvelistv5

Published

2020-01-23 13:41

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.690Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-23T13:41:10",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19838",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19838",
    "datePublished": "2020-01-23T13:41:10",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19840 (GCVE-0-2019-19840)

Vulnerability from cvelistv5

Published

2020-01-22 20:32

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.689Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T20:32:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19840",
    "datePublished": "2020-01-22T20:32:36",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.689Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19841 (GCVE-0-2019-19841)

Vulnerability from cvelistv5

Published

2020-01-22 20:29

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.781Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T20:29:54",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19841",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19841",
    "datePublished": "2020-01-22T20:29:54",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-13916 (GCVE-0-2020-13916)

Vulnerability from cvelistv5

Published

2020-07-28 14:46

Modified

2024-08-04 12:32

Severity ?

CWE

n/a

Summary

A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	https://support.ruckuswireless.com/security_bulletins/304	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ruckuswireless.com/security_bulletins/304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-28T14:46:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ruckuswireless.com/security_bulletins/304"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13916",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ruckuswireless.com/security_bulletins/304",
              "refsource": "CONFIRM",
              "url": "https://support.ruckuswireless.com/security_bulletins/304"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13916",
    "datePublished": "2020-07-28T14:46:16",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-19834 (GCVE-0-2019-19834)

Vulnerability from cvelistv5

Published

2020-01-22 18:09

Modified

2024-08-05 02:25

Severity ?

CWE

n/a

Summary

Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.

References

▼	URL	Tags
	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	x_refsource_MISC
	https://www.ruckuswireless.com/security/299/view/txt	x_refsource_MISC
	https://alephsecurity.com/2020/01/14/ruckus-wireless	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.676Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruckuswireless.com/security/299/view/txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T18:09:32",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruckuswireless.com/security/299/view/txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19834",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
              "refsource": "MISC",
              "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
            },
            {
              "name": "https://www.ruckuswireless.com/security/299/view/txt",
              "refsource": "MISC",
              "url": "https://www.ruckuswireless.com/security/299/view/txt"
            },
            {
              "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
              "refsource": "MISC",
              "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19834",
    "datePublished": "2020-01-22T18:09:32",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.676Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "Un control de acceso incorrecto en webs en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permite a un atacante remoto filtrar informaci\u00f3n del sistema (que se puede usar para un jailbreak) por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13918",
  "lastModified": "2024-11-21T05:02:08.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.780",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 21:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
    },
    {
      "lang": "es",
      "value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos de Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=spectra-analysis en el archivo admin/_cmdstat.jsp mediante el atributo mac."
    }
  ],
  "id": "CVE-2019-19842",
  "lastModified": "2024-11-21T04:35:30.543",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T21:15:10.337",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-02-13 20:15

Modified

2025-08-22 21:09

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.

References

URL	Tags
cve@mitre.org	https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/	Exploit, Third Party Advisory
cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/315	Patch, Product, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/315	Patch, Product, Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	ruckus_wireless_admin	*
ruckuswireless	smartzone_ap	*
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h350	-
ruckuswireless	h510	-
ruckuswireless	h550	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r350	-
ruckuswireless	r510	-
ruckuswireless	r550	-
ruckuswireless	r610	-
ruckuswireless	r650	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r730	-
ruckuswireless	r750	-
ruckuswireless	r760	-
ruckuswireless	r850	-
ruckuswireless	sz-144	-
ruckuswireless	sz100	-
ruckuswireless	sz300	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t350c	-
ruckuswireless	t350d	-
ruckuswireless	t350se	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-
ruckuswireless	t750	-
ruckuswireless	t750se	-
ruckuswireless	t811-cm	-
ruckuswireless	ruckus_wireless_admin	*
ruckuswireless	smartzone_ap	*
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r550	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r650	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r730	-
ruckuswireless	r750	-
ruckuswireless	r850	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t504	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-
ruckuswireless	t750	-
ruckuswireless	t750se	-
ruckuswireless	t811-cm	-
ruckuswireless	ruckus_wireless_admin	*
ruckuswireless	smartzone_ap	*
ruckuswireless	h500	-
ruckuswireless	r300	-
ruckuswireless	r700	-
ruckuswireless	ruckus_wireless_admin	*
ruckuswireless	smartzone_ap	*
ruckuswireless	r560	-
ruckuswireless	ruckus_wireless_admin	*
commscope	ruckus_smartzone_firmware	*
ruckuswireless	sz-144	-
ruckuswireless	sz300	-
ruckuswireless	ruckus_wireless_admin	*
commscope	ruckus_smartzone_firmware	6.1.0.0.935
ruckuswireless	sz-144	-
ruckuswireless	sz100	-
ruckuswireless	sz300	-
ruckuswireless	ruckus_wireless_admin	*
ruckuswireless	m510-jp	-
ruckuswireless	p300	-
ruckuswireless	q410	-
ruckuswireless	q710	-
ruckuswireless	q910	-
ruckuswireless	t811-cm$non-spf$	-
ruckuswireless	zd1000	-
ruckuswireless	zd1100	-
ruckuswireless	zd1200	-
ruckuswireless	zd3000	-
ruckuswireless	zd5000	-
ruckuswireless	ruckus_wireless_admin	*
commscope	ruckus_smartzone_firmware	*
ruckuswireless	sz-144-federal	-
ruckuswireless	sz300-federal	-

JSON

To clipboard

{
  "cisaActionDue": "2023-06-02",
  "cisaExploitAdd": "2023-05-12",
  "cisaRequiredAction": "Apply updates per vendor instructions or disconnect product if it is end-of-life.",
  "cisaVulnerabilityName": "Multiple Ruckus Wireless Products CSRF and RCE Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED4CD2B3-C3CE-437F-A01C-5A50B900FC4D",
              "versionEndExcluding": "6.1.0.0.9240",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19E1647-DFDD-4AE9-8118-B6E27796F158",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AECE922-479C-4C3E-9905-1C742DCE9769",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "728B95F9-BD5B-4C0B-ADBD-0B30AAC868EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215024F9-C68E-4919-9FD5-215CF900A830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951BDA12-0294-472A-9292-F60AC6D4292B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28A5E0-6F42-4133-B1D3-1D0116079094",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r760:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50256D2-E89C-4992-B296-7F686C4A0E66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A244DE5-A9B3-45BE-8AD1-154546F4F1F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB6E5537-CC32-46A3-BCA3-52B011E13564",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E561E73-06B4-49E3-A24C-CCDFA0D278EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "271E8C2A-5AD8-47B7-B6C5-D996FD135412",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1151656-21F9-442F-93AF-3E12B497CEF1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C15AA25-82B2-4C02-8361-E8F6179B525A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1DE3AD-CA13-44CE-ACF1-3DE2D6C691BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0680FEA-592F-4610-85D3-D52335906B13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED3EC-4946-4CB1-9227-FC0B500488B9",
              "versionEndExcluding": "5.2.2.0.2064",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215024F9-C68E-4919-9FD5-215CF900A830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951BDA12-0294-472A-9292-F60AC6D4292B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28A5E0-6F42-4133-B1D3-1D0116079094",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A244DE5-A9B3-45BE-8AD1-154546F4F1F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB7F76C-637E-4194-B7CD-36C0EB5C84D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C15AA25-82B2-4C02-8361-E8F6179B525A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1DE3AD-CA13-44CE-ACF1-3DE2D6C691BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0680FEA-592F-4610-85D3-D52335906B13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EFC8C1-5D6B-44AB-919A-FD7365E666EA",
              "versionEndExcluding": "3.6.2.0.795",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE5491D-89A5-4690-8374-0CD27852CCB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FDEC42-0D72-4841-B0FE-B0B0B00B6557",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7549541B-0F1A-45F8-8E5A-8034B00C2D2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_ap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3679017-4730-49AF-8CE7-35B82F504EA5",
              "versionEndExcluding": "6.1.1.0.1274",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AADED848-CAF5-4EF6-BAC6-6BE35CCE7815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC1AFF4-766D-4DFF-B7A0-39EFE686F33B",
              "versionEndExcluding": "5.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.0.0.935:*:*:*:*:*:*:*",
              "matchCriteriaId": "98787AFD-705A-4ECA-A735-1412ED55B71C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA45AAC-D228-4F8B-AAD8-A41395C79DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB6E5537-CC32-46A3-BCA3-52B011E13564",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7CB834-555F-4259-AD12-DB56F42CA907",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510-jp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "007DE148-E501-4A35-8F10-ACD28FF2819B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:p300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E3F2DA-3A4B-421A-ACE0-A764B9B57FF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB66E1A9-D6B5-455F-B6C0-FD2EF45CF509",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D44A0E-66C0-4522-90AC-16F7D5738D8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:q910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80C949D8-D53C-4B5B-A851-51FAFAB0011D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t811-cm\\(non-spf\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE9892F-8F72-4D92-B7A2-4B4B41AB8729",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86341154-62AA-43A3-9B65-3B95873317C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE17AF8-0965-4D9D-A1A3-40976BDF10C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763E2D39-085A-4E8B-BBC1-B0567666FF5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E149CEA6-5EF5-4CD6-969F-D5DD33D04744",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zd5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "640C64BD-EBD1-43D7-AEB9-A51E2069BC4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruckuswireless:ruckus_wireless_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7580FF26-730D-4029-A33B-3A3105E5BC72",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D11729-5815-46AC-A2B6-E1570FDBED8E",
              "versionEndExcluding": "5.2.1.3.1695",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz-144-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C68AA80-C987-4B00-AB39-4D14910EB961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:sz300-federal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DEAC3DF-557E-4070-A23E-524A4A3B9226",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin\u0026password=password$(curl substring."
    },
    {
      "lang": "es",
      "value": "Ruckus Wireless Admin hasta la versi\u00f3n 10.4 permite la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de una solicitud HTTP GET no autenticada, como lo demuestra /forms/doLogin?login_username=admin\u0026amp;password=password$(curl substring."
    }
  ],
  "id": "CVE-2023-25717",
  "lastModified": "2025-08-22T21:09:15.577",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-02-13T20:15:10.973",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://cybir.com/2023/cve/proof-of-concept-ruckus-wireless-admin-10-4-unauthenticated-remote-code-execution-csrf-ssrf/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/315"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 19:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n AjaxRestrictedCmdStat en zap en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una ejecuci\u00f3n de c\u00f3digo remota por medio de una petici\u00f3n POST que usa el archivo tools/_rcmdstat.jsp para escribir en un nombre de archivo especificado."
    }
  ],
  "id": "CVE-2019-19836",
  "lastModified": "2024-11-21T04:35:29.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T19:15:12.407",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 19:15

Modified

2024-11-21 04:35

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
    },
    {
      "lang": "es",
      "value": "Un Salto de Directorio en ruckus_cli2 en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a un atacante remoto liberar la CLI por medio de enable-)debug-)script-)exec con ../../../bin/sh como el par\u00e1metro."
    }
  ],
  "id": "CVE-2019-19834",
  "lastModified": "2024-11-21T04:35:29.280",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T19:15:12.327",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-23 13:15

Modified

2024-11-21 04:35

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo SSRF en la funci\u00f3n AjaxRestrictedCmdStat en zap en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una denegaci\u00f3n de servicio remota por medio del atributo server en el URI tools/_rcmdstat.jsp."
    }
  ],
  "id": "CVE-2019-19835",
  "lastModified": "2024-11-21T04:35:29.437",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-23T13:15:11.933",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-23 15:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
    },
    {
      "lang": "es",
      "value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos del Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=get-platform-depends en el archivo admin/_cmdstat.jsp mediante el atributo uploadFile."
    }
  ],
  "id": "CVE-2019-19838",
  "lastModified": "2024-11-21T04:35:29.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-23T15:15:13.693",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-12-07 07:15

Modified

2025-08-22 21:09

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.

References

URL	Tags
vultures@jpcert.or.jp	https://jvn.jp/en/jp/JVN45891816/	Third Party Advisory
vultures@jpcert.or.jp	https://support.ruckuswireless.com/security_bulletins/323	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/jp/JVN45891816/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/323	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	r750_firmware	*
ruckuswireless	r750	-
ruckuswireless	r650_firmware	*
ruckuswireless	r650	-
ruckuswireless	r730_firmware	*
ruckuswireless	r730	-
ruckuswireless	t750_firmware	*
ruckuswireless	t750	-
ruckuswireless	r510_firmware	*
ruckuswireless	r510	-
ruckuswireless	e510_firmware	*
ruckuswireless	e510	-
ruckuswireless	c110_firmware	*
ruckuswireless	c110	-
ruckuswireless	r320_firmware	*
ruckuswireless	r320	-
ruckuswireless	h510_firmware	*
ruckuswireless	h510	-
ruckuswireless	h320_firmware	*
ruckuswireless	h320	-
ruckuswireless	t305_firmware	*
ruckuswireless	t305	-
ruckuswireless	m510_firmware	*
ruckuswireless	m510	-
ruckuswireless	r720_firmware	*
ruckuswireless	r720	-
ruckuswireless	r710_firmware	*
ruckuswireless	r710	-
ruckuswireless	t710_firmware	*
ruckuswireless	t710	-
ruckuswireless	t610_firmware	*
ruckuswireless	t610	-
ruckuswireless	r610_firmware	*
ruckuswireless	r610	-
ruckuswireless	t310d_firmware	*
ruckuswireless	t310d	-
ruckuswireless	t310s_firmware	*
ruckuswireless	t310s	-
ruckuswireless	t310n_firmware	*
ruckuswireless	t310n	-
ruckuswireless	t310c_firmware	*
ruckuswireless	t310c	-
ruckuswireless	t710s_firmware	*
ruckuswireless	t710s	-
ruckuswireless	t610s_firmware	*
ruckuswireless	t610s	-
ruckuswireless	r550_firmware	*
ruckuswireless	r550	-
ruckuswireless	r850_firmware	*
ruckuswireless	r850	-
ruckuswireless	t750se_firmware	*
ruckuswireless	t750se	-
ruckuswireless	r310_firmware	*
ruckuswireless	r310	*
ruckuswireless	r760_firmware	*
ruckuswireless	r760	*
ruckuswireless	r760_firmware	*
ruckuswireless	r760	*
ruckuswireless	r560_firmware	*
ruckuswireless	r560	*
ruckuswireless	h550_firmware	*
ruckuswireless	h550	*
ruckuswireless	h350_firmware	*
ruckuswireless	h350	*
ruckuswireless	t350c_firmware	*
ruckuswireless	t350c	*
ruckuswireless	t350d_firmware	*
ruckuswireless	t350d	*
ruckuswireless	t350se_firmware	*
ruckuswireless	t350se	*
ruckuswireless	r350_firmware	*
ruckuswireless	r350	*
ruckuswireless	smartzone_firmware	*
commscope	ruckus_smartzone	-
ruckuswireless	zonedirector_firmware	*
ruckuswireless	zonedirector	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19637FB4-A1EC-4DDB-9FD2-B176427B9933",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r650_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F805AE7-830E-4D88-AA80-40FEC783AC84",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951BDA12-0294-472A-9292-F60AC6D4292B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r730_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F98CC2D-247B-493F-A1DD-8133622C2AE7",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28A5E0-6F42-4133-B1D3-1D0116079094",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFCDC4FB-7448-4E19-AF4D-897180F3775B",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C15AA25-82B2-4C02-8361-E8F6179B525A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6269F0-AFA6-48A9-92D2-3A3250B1E6C0",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:e510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2FB77C-1E97-44C5-A961-7F91B1A8AB34",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:c110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6531A85F-9AA8-4A26-9A81-09003B8AAF2E",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r320_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C00DA68-6EA2-4D88-B60C-6980D4953912",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "843E61F5-DE53-47B3-BF24-B817BE9F334E",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h320_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F625B309-F3BC-4899-B6B4-C460B7502730",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t305_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED5CB06-9A07-4EF6-B730-7D24B8E131F7",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t305:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0500E6E8-D56C-41EC-B9C5-72C5DD955639",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:m510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB3F18F-04F1-4D37-A74C-B12ED64ECDEE",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r720_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73590841-C0E4-423B-89F3-C5E3E5DC3A84",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD213C0E-8D62-43C1-AAAD-72AB2455F4C8",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC75B29-992F-4917-B0A9-6B4C16905E3A",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t610_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0273FF13-6329-4A68-B2B1-674D0FDCEACC",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r610_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA61CD3-AFD8-4C9B-B707-850A352EFF63",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t310d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3D9629-CDD0-497E-A798-BD68696D7B0A",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t310s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47656F30-691A-4072-B5DF-0B4026133B24",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t310n_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8508F154-5538-401A-8A1E-192C38A482B4",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t310c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D50969FD-837B-49B3-820E-E02CA9CD75E3",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t710s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11907B93-2CC9-43E7-98E9-B13370225009",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t610s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B8C9F8-76A1-4B8C-8FB9-770CB0E7DC94",
              "versionEndIncluding": "114.0.0.0.6565",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "752CBB38-F5C6-4666-B062-B5E3B15CA1A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r550_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "260442D7-362E-4141-BE55-066154A5B587",
              "versionEndIncluding": "114.0.0.0.5585",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215024F9-C68E-4919-9FD5-215CF900A830",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "392561BB-1413-44A3-B4D1-CC4A57DC67F1",
              "versionEndIncluding": "114.0.0.0.5585",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A244DE5-A9B3-45BE-8AD1-154546F4F1F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t750se_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F079E97-F62E-4919-A21B-1443146FEB14",
              "versionEndIncluding": "114.0.0.0.5585",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t750se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1DE3AD-CA13-44CE-ACF1-3DE2D6C691BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6AF187-4EC5-4F8A-9FB3-E1FD4F71FA4F",
              "versionEndIncluding": "110.0.0.0.2014",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93655935-481F-477B-A0C3-EFFFB822C9D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r760_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D73A1E-302B-4494-B0CF-48D298A25916",
              "versionEndIncluding": "118.1.0.0.1274",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r760:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "700D0FAA-0964-486A-932B-08CF1A328468",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r760_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D73A1E-302B-4494-B0CF-48D298A25916",
              "versionEndIncluding": "118.1.0.0.1274",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r760:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "700D0FAA-0964-486A-932B-08CF1A328468",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r560_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BEFF83F-4F8E-4BFE-B964-2F019A846EF0",
              "versionEndIncluding": "118.1.0.0.1908",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r560:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "75E00EC7-030F-4E90-8747-4AA87C2DA73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h550_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDDACE4-B572-4E7F-8D7C-333B3108D0F8",
              "versionEndIncluding": "116.0.0.0.1506",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h550:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "843E2FCE-C3EC-406A-8ECB-BA5F51C2DCFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h350_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1056C4F-1A29-474A-AD6F-6911F68ED36E",
              "versionEndIncluding": "116.0.0.0.3128",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h350:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "389825B3-BD3F-48F9-A6EB-238D1485E24D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t350c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "561DDAE6-C5A0-4DA8-AC07-0EF7D06A8848",
              "versionEndIncluding": "116.0.0.0.1543",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350c:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "663BF055-A677-418A-8009-599D7BE04221",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t350d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C77FF583-1BAF-4042-A5F0-07DF1FC4C5E4",
              "versionEndIncluding": "116.0.0.0.1543",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4323CCB1-EE5E-498F-86F3-00CE6C75F10D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t350se_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC95847-0984-466D-9227-5A44971260F2",
              "versionEndIncluding": "116.0.0.0.3136",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t350se:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60A48D4A-75D9-486B-896D-7BF11AD3ED6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r350_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "004DED59-2353-40D5-997A-E021728E4F23",
              "versionEndIncluding": "116.0.0.0.1655",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r350:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B3B5B6-3365-47B2-847E-004489533CDA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:smartzone_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0D700D-F65B-49CC-BA09-41B22A6884C1",
              "versionEndIncluding": "6.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:commscope:ruckus_smartzone:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A4B5B7-E8A5-4FE1-8947-7BA90A37516A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1DA133A-1251-4946-BC27-FECABFEA056A",
              "versionEndIncluding": "10.5.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC847897-E9C7-4247-BC22-E999847E1110",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Cross-Site-Scripting en los productos Ruckus Access Point (ZoneDirector, SmartZone y AP Solo). Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que inicia sesi\u00f3n en el producto. En cuanto a los productos/modelos/versiones afectados, consulte la informaci\u00f3n proporcionada por el proveedor que figura en la secci\u00f3n [Referencias] o la lista en la secci\u00f3n [Estado del producto]."
    }
  ],
  "id": "CVE-2023-49225",
  "lastModified": "2025-08-22T21:09:15.577",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-12-07T07:15:12.880",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/jp/JVN45891816/"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/jp/JVN45891816/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/323"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 21:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
    },
    {
      "lang": "es",
      "value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos de Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=packet-capture en el archivo admin/_cmdstat.jsp mediante el atributo mac."
    }
  ],
  "id": "CVE-2019-19841",
  "lastModified": "2024-11-21T04:35:30.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T21:15:10.273",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 19:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
    },
    {
      "lang": "es",
      "value": "Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite la extracci\u00f3n de credenciales remota por medio de una petici\u00f3n HTTP no autenticada que involucra un enlace simb\u00f3lico con /tmp y web/user/wps_tool_cache."
    }
  ],
  "id": "CVE-2019-19843",
  "lastModified": "2024-11-21T04:35:30.683",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T19:15:12.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        },
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-22 21:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n zap_parse_args en el archivo zap.c en zap en Ruckus Unleashed versiones hasta 200.7.10.102.64, permite una ejecuci\u00f3n de c\u00f3digo remota por medio de una petici\u00f3n HTTP no autenticada."
    }
  ],
  "id": "CVE-2019-19840",
  "lastModified": "2024-11-21T04:35:30.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-22T21:15:10.177",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-23 15:15

Modified

2024-11-21 04:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
    },
    {
      "lang": "es",
      "value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos del Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=import-category en el archivo admin/_cmdstat.jsp mediante el atributo uploadFile."
    }
  ],
  "id": "CVE-2019-19839",
  "lastModified": "2024-11-21T04:35:30.070",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-23T15:15:13.757",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-23 13:15

Modified

2024-11-21 04:35

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.

References

URL	Tags
cve@mitre.org	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
cve@mitre.org	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
cve@mitre.org	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://alephsecurity.com/2020/01/14/ruckus-wireless	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ruckuswireless.com/security/299/view/txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r510	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	t310	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
              "versionEndExcluding": "200.7.10.202.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
              "versionEndExcluding": "9.10.2.0.84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
              "versionEndExcluding": "9.12.3.0.136",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
              "versionEndExcluding": "10.0.1.0.90",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
              "versionEndExcluding": "10.1.2.0.275",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
              "versionEndExcluding": "10.2.1.0.147",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
              "versionEndExcluding": "10.3.1.0.21",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
    },
    {
      "lang": "es",
      "value": "Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una divulgaci\u00f3n de informaci\u00f3n remota en el archivo bin/web.conf por medio de peticiones HTTP."
    }
  ],
  "id": "CVE-2019-19837",
  "lastModified": "2024-11-21T04:35:29.750",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-23T13:15:12.010",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ruckuswireless.com/security/299/view/txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "Los permisos no seguros en emfd/libemf en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permiten a un atacante remoto sobrescribir las credenciales de administrador por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13915",
  "lastModified": "2024-11-21T05:02:08.373",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.640",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        },
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-02-14 19:29

Modified

2024-11-21 03:29

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.

References

▼	URL	Tags
	sirt@brocade.com	https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	r500_firmware	*
ruckuswireless	r500	-
ruckuswireless	r600_firmware	*
ruckuswireless	r600	-
ruckuswireless	r310_firmware	*
ruckuswireless	r310	-
ruckuswireless	h320_firmware	*
ruckuswireless	h320	-
ruckuswireless	h510_firmware	*
ruckuswireless	h510	-
ruckuswireless	r710_firmware	*
ruckuswireless	r710	-
ruckuswireless	r720_firmware	*
ruckuswireless	r720	-
ruckuswireless	t300_firmware	*
ruckuswireless	t300	-
ruckuswireless	t301_firmware	*
ruckuswireless	t301	-
ruckuswireless	t300e_firmware	*
ruckuswireless	t300e	-
ruckuswireless	t610_firmware	*
ruckuswireless	t610	-
ruckuswireless	t710_firmware	*
ruckuswireless	t710	-
ruckuswireless	r510_firmware	*
ruckuswireless	r510	-
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	*
ruckuswireless	zonedirector_1200_firmware	10.1.0.0.1515
ruckuswireless	zonedirector_1200	-
ruckuswireless	zonedirector_3000_firmware	*
ruckuswireless	zonedirector_3000_firmware	*
ruckuswireless	zonedirector_3000_firmware	*
ruckuswireless	zonedirector_3000_firmware	*
ruckuswireless	zonedirector_3000_firmware	10.1.0.0.1515
ruckuswireless	zonedirector_3000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7842F7BA-DB75-44BA-A505-03AC07443F55",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01AEB940-2D3C-4F8A-B2D2-075665F893EC",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08795F10-C276-4A7D-83FD-C39A8844D854",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h320_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B282766-1ACE-4249-99CB-CF8DD099EBDC",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:h510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01348379-0624-46A2-B0EF-8877A6CBB8B6",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61041E50-BDB8-431E-959F-BA6BF734F889",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r720_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E9FA2-CAD7-43E4-AACC-6E61B5D3B41C",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACA58F89-2F73-42A6-AF00-BD17275650EA",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t301_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B07FA9-7E5A-4429-A4F6-B2AD1AB89388",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFEA172-9781-4FA8-96F2-DE09FB6340FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t300e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FAD7213-2C06-4B24-8E36-9D5EE2B32720",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "787156EB-F6AA-445F-8B56-4C3696E08697",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t610_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0395ED7F-AE77-4FF3-A139-718956FA13A7",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A02D3DD9-5369-45E4-84BE-678EC3DDDAC4",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "862672CC-0480-405C-9791-8993D19931A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:r510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6248C61C-ED6C-42AC-8B0D-DF197BF1107D",
              "versionEndExcluding": "200.6.10.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA60F3C8-CF88-4336-A214-98292E45B39D",
              "versionEndIncluding": "9.10.2.0.53",
              "versionStartIncluding": "9.10.2.0.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87A7791C-AD3E-433E-9383-69BCC6F1A91F",
              "versionEndIncluding": "9.12.3.0.83",
              "versionStartIncluding": "9.12.3.0.28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "882D995A-9677-46BD-BF59-91DDAA4C73F6",
              "versionEndIncluding": "9.13.3.0.145",
              "versionStartIncluding": "9.13.3.0.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB97CF78-F5A4-4BEE-B447-4E27CE05022B",
              "versionEndIncluding": "10.0.1.0.44",
              "versionStartIncluding": "10.0.1.0.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.1.0.0.1515:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832AD5B-50F7-4BB1-9116-33B67286D197",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3DBB4B6-0ED3-425A-AB4A-B8B76521312F",
              "versionEndIncluding": "9.10.2.0.53",
              "versionStartIncluding": "9.10.2.0.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C9E693-D648-4636-97E0-62B819DDB9CB",
              "versionEndIncluding": "9.12.3.0.83",
              "versionStartIncluding": "9.12.3.0.28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC11B771-8CB6-4009-861F-0AC6CA0519C1",
              "versionEndIncluding": "9.13.3.0.145",
              "versionStartIncluding": "9.13.3.0.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26F9F52E-11E2-4995-AA03-F0AC4F33D0C9",
              "versionEndIncluding": "10.0.1.0.44",
              "versionStartIncluding": "10.0.1.0.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.1.0.0.1515:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8636729-51EA-4292-8477-C78C11C5A8AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
    },
    {
      "lang": "es",
      "value": "Ruckus Networks Unleashed AP, en versiones de firmware anteriores a 200.6.10.1.x y Ruckus Networks Zone Director, en versiones de firmware 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x y 10.0.1.0.x o anteriores, contienen inyecci\u00f3n de comandos root autenticados en la interfaz de l\u00ednea de comandos que podr\u00edan permitir que usuarios autenticados v\u00e1lidos ejecuten comandos privilegiados en los respectivos sistemas."
    }
  ],
  "id": "CVE-2017-6229",
  "lastModified": "2024-11-21T03:29:18.477",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-14T19:29:00.213",
  "references": [
    {
      "source": "sirt@brocade.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
    }
  ],
  "sourceIdentifier": "sirt@brocade.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "Un problema de tipo XSS en emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permite a un atacante remoto ejecutar c\u00f3digo JavaScript por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13913",
  "lastModified": "2024-11-21T05:02:08.097",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer de la pila en webs en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permite a un atacante remoto ejecutar c\u00f3digo por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13916",
  "lastModified": "2024-11-21T05:02:08.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.687",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "emfd/libemf en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permite a un atacante remoto lograr una inyecci\u00f3n de comandos por medio de una petici\u00f3n HTTP dise\u00f1ada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13919",
  "lastModified": "2024-11-21T05:02:08.923",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.827",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "rkscli en Ruckus Wireless Unleashed versiones hasta 200.7.10.92, permite a un atacante remoto lograr una inyecci\u00f3n de comandos y un jailbreak de la CLI por medio de un comando de la CLI dise\u00f1ado. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13917",
  "lastModified": "2024-11-21T05:02:08.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.737",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-28 15:15

Modified

2024-11-21 05:02

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

References

▼	URL	Tags
	cve@mitre.org	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.ruckuswireless.com/security_bulletins/304	Vendor Advisory

Impacted products

Vendor	Product	Version
ruckuswireless	unleashed_firmware	*
ruckuswireless	c110	-
ruckuswireless	e510	-
ruckuswireless	h320	-
ruckuswireless	h510	-
ruckuswireless	m510	-
ruckuswireless	r310	-
ruckuswireless	r320	-
ruckuswireless	r500	-
ruckuswireless	r510	-
ruckuswireless	r600	-
ruckuswireless	r610	-
ruckuswireless	r710	-
ruckuswireless	r720	-
ruckuswireless	r750	-
ruckuswireless	t300	-
ruckuswireless	t301n	-
ruckuswireless	t301s	-
ruckuswireless	t310c	-
ruckuswireless	t310d	-
ruckuswireless	t310n	-
ruckuswireless	t310s	-
ruckuswireless	t610	-
ruckuswireless	t710	-
ruckuswireless	t710s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4",
              "versionEndIncluding": "200.7.10.102.92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."
    },
    {
      "lang": "es",
      "value": "webs en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92 permite a un atacante remoto causar una denegaci\u00f3n de servicio (error de segmentaci\u00f3n) en el servidor web por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"
    }
  ],
  "id": "CVE-2020-13914",
  "lastModified": "2024-11-21T05:02:08.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-28T15:15:11.577",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ruckuswireless.com/security_bulletins/304"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201802-0642

Vulnerability from variot

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201802-0642",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zonedirector 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ruckuswireless",
        "version": "10.1.0.0.1515"
      },
      {
        "model": "zonedirector 3000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ruckuswireless",
        "version": "10.1.0.0.1515"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.28"
      },
      {
        "model": "t300e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.22"
      },
      {
        "model": "t301",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "t710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r310",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "h510",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.145"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.53"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.83"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.44"
      },
      {
        "model": "t300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.17"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.11"
      },
      {
        "model": "t610",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.22"
      },
      {
        "model": "r720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r510",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.17"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.11"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.28"
      },
      {
        "model": "h320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.44"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.53"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.145"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.83"
      },
      {
        "model": "h320",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "h510",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r310",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r500",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r510",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r600",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r710",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r720",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t300",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t300e",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t301",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t610",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t710",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "zonedirector 1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "zonedirector 3000",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:h320_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:h510_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r310_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r510_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r710_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r720_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t300e_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t301_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t610_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t710_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_3000_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ]
  },
  "cve": "CVE-2017-6229",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-6229",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-114432",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-6229",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-6229",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-6229",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201802-916",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-114432",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6229",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-114432",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "id": "VAR-201802-0642",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T23:08:46.893000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Authenticated Root Command Injection Vulnerabilities in CLI of ZD/Unleashed APs and Web-GUI of Solo/SZ Managed APs (CVE-2017-6229, CVE2017-6230)",
        "trust": 0.8,
        "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6229"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6229"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "date": "2018-03-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "date": "2018-02-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "date": "2018-02-14T19:29:00.213000",
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "date": "2018-03-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "date": "2018-08-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "date": "2024-11-21T03:29:18.477000",
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Networks Unleashed AP and  Zone Director In firmware  OS Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      }
    ],
    "trust": 0.6
  }
}

Vulnerabilites related to ruckuswireless - r720

CVE-2019-19836 (GCVE-0-2019-19836)

Vulnerability from cvelistv5

CVE-2019-19842 (GCVE-0-2019-19842)

Vulnerability from cvelistv5

CVE-2023-49225 (GCVE-0-2023-49225)

Vulnerability from cvelistv5

CVE-2019-19839 (GCVE-0-2019-19839)

Vulnerability from cvelistv5

CVE-2019-19835 (GCVE-0-2019-19835)

Vulnerability from cvelistv5

CVE-2023-25717 (GCVE-0-2023-25717)

Vulnerability from cvelistv5

CVE-2017-6229 (GCVE-0-2017-6229)

Vulnerability from cvelistv5

CVE-2020-13917 (GCVE-0-2020-13917)

Vulnerability from cvelistv5

CVE-2020-13914 (GCVE-0-2020-13914)

Vulnerability from cvelistv5

CVE-2020-13915 (GCVE-0-2020-13915)

Vulnerability from cvelistv5

CVE-2019-19837 (GCVE-0-2019-19837)

Vulnerability from cvelistv5

CVE-2020-13913 (GCVE-0-2020-13913)

Vulnerability from cvelistv5

CVE-2019-19843 (GCVE-0-2019-19843)

Vulnerability from cvelistv5

CVE-2020-13918 (GCVE-0-2020-13918)

Vulnerability from cvelistv5

CVE-2020-13919 (GCVE-0-2020-13919)

Vulnerability from cvelistv5

CVE-2019-19838 (GCVE-0-2019-19838)

Vulnerability from cvelistv5

CVE-2019-19840 (GCVE-0-2019-19840)

Vulnerability from cvelistv5

CVE-2019-19841 (GCVE-0-2019-19841)

Vulnerability from cvelistv5

CVE-2020-13916 (GCVE-0-2020-13916)

Vulnerability from cvelistv5

CVE-2019-19834 (GCVE-0-2019-19834)

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

var-201802-0642

Vulnerability from variot