Vulnerabilites related to ruckuswireless - zonedirector_1200
CVE-2019-19836 (GCVE-0-2019-19836)
Vulnerability from cvelistv5
Published
2020-01-22 18:13
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T18:13:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19836",
"datePublished": "2020-01-22T18:13:49",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19842 (GCVE-0-2019-19842)
Vulnerability from cvelistv5
Published
2020-01-22 20:31
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T20:31:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19842",
"datePublished": "2020-01-22T20:31:11",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19839 (GCVE-0-2019-19839)
Vulnerability from cvelistv5
Published
2020-01-23 13:42
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T13:42:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19839",
"datePublished": "2020-01-23T13:42:32",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19835 (GCVE-0-2019-19835)
Vulnerability from cvelistv5
Published
2020-01-23 12:44
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T12:44:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19835",
"datePublished": "2020-01-23T12:44:48",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22656 (GCVE-0-2020-22656)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 18:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to make the Secure Boot in failed attempts state (rfwd).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22656",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T18:00:42.932639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1272",
"description": "CWE-1272 Sensitive Information Uncleared Before Debug/Power State Transition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T18:01:29.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to make the Secure Boot in failed attempts state (rfwd)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:06:35.072Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22656",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T18:01:29.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22659 (GCVE-0-2020-22659)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:56:23.793345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:57:18.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:14:18.648Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22659",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:57:18.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6229 (GCVE-0-2017-6229)
Vulnerability from cvelistv5
Published
2018-02-14 19:00
Modified
2024-09-16 23:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authenticated command injection in CLI interface of ZD/Unleashed software.
Summary
Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Brocade Communications Systems, Inc. | Ruckus Networks Unleashed APs and Zone Director |
Version: Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ruckus Networks Unleashed APs and Zone Director",
"vendor": "Brocade Communications Systems, Inc.",
"versions": [
{
"status": "affected",
"version": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
}
]
}
],
"datePublic": "2018-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authenticated command injection in CLI interface of ZD/Unleashed software.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-14T18:57:02",
"orgId": "87b297d7-335e-4844-9551-11b97995a791",
"shortName": "brocade"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@brocade.com",
"DATE_PUBLIC": "2018-02-09T00:00:00",
"ID": "CVE-2017-6229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ruckus Networks Unleashed APs and Zone Director",
"version": {
"version_data": [
{
"version_value": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
}
]
}
}
]
},
"vendor_name": "Brocade Communications Systems, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated command injection in CLI interface of ZD/Unleashed software."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt",
"refsource": "CONFIRM",
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
"assignerShortName": "brocade",
"cveId": "CVE-2017-6229",
"datePublished": "2018-02-14T19:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-16T23:55:41.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22654 (GCVE-0-2020-22654)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:10.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:43:12.496331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:43:35.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T19:59:58.159Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22654",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:43:35.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22662 (GCVE-0-2020-22662)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22662",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:51:56.217635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:52:58.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized \"illegal region code\" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:46.168Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22662",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:52:58.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19837 (GCVE-0-2019-19837)
Vulnerability from cvelistv5
Published
2020-01-23 12:26
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T12:26:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19837",
"datePublished": "2020-01-23T12:26:59",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22658 (GCVE-0-2020-22658)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 20:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T20:48:01.216036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T20:48:13.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:12:18.280Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22658",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T20:48:13.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19843 (GCVE-0-2019-19843)
Vulnerability from cvelistv5
Published
2020-01-22 18:48
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T18:48:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19843",
"datePublished": "2020-01-22T18:48:04",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19834 (GCVE-0-2019-19834)
Vulnerability from cvelistv5
Published
2020-01-22 18:09
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T18:09:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19834",
"datePublished": "2020-01-22T18:09:32",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22657 (GCVE-0-2020-22657)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:10.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:59:30.477642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:59:56.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:03:48.379Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22657",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:59:56.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22653 (GCVE-0-2020-22653)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:10.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:44:52.616313Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:45:23.512Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T19:32:06.793Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22653",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:45:23.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22661 (GCVE-0-2020-22661)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to erase the backup secondary official image and write secondary backup unauthorized image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:53:33.052625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:54:19.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to erase the backup secondary official image and write secondary backup unauthorized image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:23:44.879Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22661",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:54:19.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22660 (GCVE-0-2020-22660)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 17:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T17:55:00.404412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T17:55:51.093Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:16:30.466Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22660",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T17:55:51.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19838 (GCVE-0-2019-19838)
Vulnerability from cvelistv5
Published
2020-01-23 13:41
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T13:41:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19838",
"datePublished": "2020-01-23T13:41:10",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19840 (GCVE-0-2019-19840)
Vulnerability from cvelistv5
Published
2020-01-22 20:32
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T20:32:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19840",
"datePublished": "2020-01-22T20:32:36",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19841 (GCVE-0-2019-19841)
Vulnerability from cvelistv5
Published
2020-01-22 20:29
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | x_refsource_MISC | |
| https://www.ruckuswireless.com/security/299/view/txt | x_refsource_MISC | |
| https://alephsecurity.com/2020/01/14/ruckus-wireless | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T20:29:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"refsource": "MISC",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"refsource": "MISC",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19841",
"datePublished": "2020-01-22T20:29:54",
"dateReserved": "2019-12-17T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-22655 (GCVE-0-2020-22655)
Vulnerability from cvelistv5
Published
2023-01-20 00:00
Modified
2025-04-03 18:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:51:11.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-22655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T18:02:58.690128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T18:03:04.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:02:06.130Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-22655",
"datePublished": "2023-01-20T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2025-04-03T18:03:04.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes explotar la firma de la imagen oficial para forzar la inyecci\u00f3n de una firma de imagen no autorizada."
}
],
"id": "CVE-2020-22653",
"lastModified": "2025-04-03T18:15:38.367",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.547",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes cambiar completamente a una imagen no autorizada para iniciarse como imagen principal verificada."
}
],
"id": "CVE-2020-22658",
"lastModified": "2025-04-03T21:15:37.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.843",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 21:15
Modified
2024-11-21 04:35
Severity ?
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute."
},
{
"lang": "es",
"value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos de Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=spectra-analysis en el archivo admin/_cmdstat.jsp mediante el atributo mac."
}
],
"id": "CVE-2019-19842",
"lastModified": "2024-11-21T04:35:30.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T21:15:10.337",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 19:15
Modified
2024-11-21 04:35
Severity ?
Summary
AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
},
{
"lang": "es",
"value": "La funci\u00f3n AjaxRestrictedCmdStat en zap en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una ejecuci\u00f3n de c\u00f3digo remota por medio de una petici\u00f3n POST que usa el archivo tools/_rcmdstat.jsp para escribir en un nombre de archivo especificado."
}
],
"id": "CVE-2019-19836",
"lastModified": "2024-11-21T04:35:29.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T19:15:12.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 19:15
Modified
2024-11-21 04:35
Severity ?
Summary
Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-\u003edebug-\u003escript-\u003eexec with ../../../bin/sh as the parameter."
},
{
"lang": "es",
"value": "Un Salto de Directorio en ruckus_cli2 en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a un atacante remoto liberar la CLI por medio de enable-)debug-)script-)exec con ../../../bin/sh como el par\u00e1metro."
}
],
"id": "CVE-2019-19834",
"lastModified": "2024-11-21T04:35:29.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T19:15:12.327",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 13:15
Modified
2024-11-21 04:35
Severity ?
Summary
SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo SSRF en la funci\u00f3n AjaxRestrictedCmdStat en zap en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una denegaci\u00f3n de servicio remota por medio del atributo server en el URI tools/_rcmdstat.jsp."
}
],
"id": "CVE-2019-19835",
"lastModified": "2024-11-21T04:35:29.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T13:15:11.933",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 15:15
Modified
2024-11-21 04:35
Severity ?
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute."
},
{
"lang": "es",
"value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos del Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=get-platform-depends en el archivo admin/_cmdstat.jsp mediante el atributo uploadFile."
}
],
"id": "CVE-2019-19838",
"lastModified": "2024-11-21T04:35:29.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T15:15:13.693",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 21:15
Modified
2024-11-21 04:35
Severity ?
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute."
},
{
"lang": "es",
"value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos de Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=packet-capture en el archivo admin/_cmdstat.jsp mediante el atributo mac."
}
],
"id": "CVE-2019-19841",
"lastModified": "2024-11-21T04:35:30.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T21:15:10.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 19:15
Modified
2024-11-21 04:35
Severity ?
Summary
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
},
{
"lang": "es",
"value": "Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite la extracci\u00f3n de credenciales remota por medio de una petici\u00f3n HTTP no autenticada que involucra un enlace simb\u00f3lico con /tmp y web/user/wps_tool_cache."
}
],
"id": "CVE-2019-19843",
"lastModified": "2024-11-21T04:35:30.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T19:15:12.517",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
},
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes forzar eludir los intentos fallidos de arranque seguro y ejecutar temporalmente la imagen de copia de seguridad anterior."
}
],
"id": "CVE-2020-22660",
"lastModified": "2025-04-03T18:15:40.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.953",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-22 21:15
Modified
2024-11-21 04:35
Severity ?
Summary
A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n zap_parse_args en el archivo zap.c en zap en Ruckus Unleashed versiones hasta 200.7.10.102.64, permite una ejecuci\u00f3n de c\u00f3digo remota por medio de una petici\u00f3n HTTP no autenticada."
}
],
"id": "CVE-2019-19840",
"lastModified": "2024-11-21T04:35:30.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T21:15:10.177",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to erase the backup secondary official image and write secondary backup unauthorized image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to erase the backup secondary official image and write secondary backup unauthorized image."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes borrar la imagen oficial secundaria de respaldo y escribir una imagen de respaldo secundaria no autorizada."
}
],
"id": "CVE-2020-22661",
"lastModified": "2025-04-03T18:15:40.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:13.007",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 15:15
Modified
2024-11-21 04:35
Severity ?
Summary
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute."
},
{
"lang": "es",
"value": "emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a atacantes remotos ejecutar comandos del Sistema Operativo por medio de una petici\u00f3n POST con el atributo xcmd=import-category en el archivo admin/_cmdstat.jsp mediante el atributo uploadFile."
}
],
"id": "CVE-2019-19839",
"lastModified": "2024-11-21T04:35:30.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T15:15:13.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 13:15
Modified
2024-11-21 04:35
Severity ?
Summary
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| cve@mitre.org | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alephsecurity.com/2020/01/14/ruckus-wireless | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ruckuswireless.com/security/299/view/txt | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987",
"versionEndExcluding": "200.7.10.202.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7",
"versionEndExcluding": "9.10.2.0.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C",
"versionEndExcluding": "9.12.3.0.136",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988",
"versionEndExcluding": "10.0.1.0.90",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5",
"versionEndExcluding": "10.1.2.0.275",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA",
"versionEndExcluding": "10.2.1.0.147",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873",
"versionEndExcluding": "10.3.1.0.21",
"versionStartIncluding": "10.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests."
},
{
"lang": "es",
"value": "Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite una divulgaci\u00f3n de informaci\u00f3n remota en el archivo bin/web.conf por medio de peticiones HTTP."
}
],
"id": "CVE-2019-19837",
"lastModified": "2024-11-21T04:35:29.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T13:15:12.010",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruckuswireless.com/security/299/view/txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes escribir de forma persistente im\u00e1genes no autorizadas."
}
],
"id": "CVE-2020-22655",
"lastModified": "2025-04-03T18:15:39.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.667",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized \"illegal region code\" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes cambiar y establecer un \"c\u00f3digo de regi\u00f3n ilegal\" no autorizado mediante ejecuci\u00f3n remota de c\u00f3digo Inyecci\u00f3n de comando que conduce a una frecuencia ilegal con m\u00e1xima potencia de salida. Esta vulnerabilidad permite al atacante crear una cantidad arbitraria de interfaz WLAN ssid por radio, lo que genera una sobrecarga de ruido (el l\u00edmite m\u00e1ximo predeterminado es 8 ssid solo por radio en AP solo). La vulnerabilidad permite al atacante desbloquear regiones ocultas mediante la inyecci\u00f3n de comandos de privilegios en la GUI WEB. "
}
],
"id": "CVE-2020-22662",
"lastModified": "2025-04-03T18:15:40.630",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:13.063",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-14 19:29
Modified
2024-11-21 03:29
Severity ?
Summary
Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7842F7BA-DB75-44BA-A505-03AC07443F55",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01AEB940-2D3C-4F8A-B2D2-075665F893EC",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08795F10-C276-4A7D-83FD-C39A8844D854",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:h320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B282766-1ACE-4249-99CB-CF8DD099EBDC",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:h510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01348379-0624-46A2-B0EF-8877A6CBB8B6",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r710_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61041E50-BDB8-431E-959F-BA6BF734F889",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r720_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F40E9FA2-CAD7-43E4-AACC-6E61B5D3B41C",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA58F89-2F73-42A6-AF00-BD17275650EA",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B07FA9-7E5A-4429-A4F6-B2AD1AB89388",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFEA172-9781-4FA8-96F2-DE09FB6340FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAD7213-2C06-4B24-8E36-9D5EE2B32720",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "787156EB-F6AA-445F-8B56-4C3696E08697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t610_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0395ED7F-AE77-4FF3-A139-718956FA13A7",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t710_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A02D3DD9-5369-45E4-84BE-678EC3DDDAC4",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "862672CC-0480-405C-9791-8993D19931A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6248C61C-ED6C-42AC-8B0D-DF197BF1107D",
"versionEndExcluding": "200.6.10.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA60F3C8-CF88-4336-A214-98292E45B39D",
"versionEndIncluding": "9.10.2.0.53",
"versionStartIncluding": "9.10.2.0.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87A7791C-AD3E-433E-9383-69BCC6F1A91F",
"versionEndIncluding": "9.12.3.0.83",
"versionStartIncluding": "9.12.3.0.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "882D995A-9677-46BD-BF59-91DDAA4C73F6",
"versionEndIncluding": "9.13.3.0.145",
"versionStartIncluding": "9.13.3.0.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB97CF78-F5A4-4BEE-B447-4E27CE05022B",
"versionEndIncluding": "10.0.1.0.44",
"versionStartIncluding": "10.0.1.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.1.0.0.1515:*:*:*:*:*:*:*",
"matchCriteriaId": "E832AD5B-50F7-4BB1-9116-33B67286D197",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DBB4B6-0ED3-425A-AB4A-B8B76521312F",
"versionEndIncluding": "9.10.2.0.53",
"versionStartIncluding": "9.10.2.0.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77C9E693-D648-4636-97E0-62B819DDB9CB",
"versionEndIncluding": "9.12.3.0.83",
"versionStartIncluding": "9.12.3.0.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC11B771-8CB6-4009-861F-0AC6CA0519C1",
"versionEndIncluding": "9.13.3.0.145",
"versionStartIncluding": "9.13.3.0.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F9F52E-11E2-4995-AA03-F0AC4F33D0C9",
"versionEndIncluding": "10.0.1.0.44",
"versionStartIncluding": "10.0.1.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.1.0.0.1515:*:*:*:*:*:*:*",
"matchCriteriaId": "A8636729-51EA-4292-8477-C78C11C5A8AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
},
{
"lang": "es",
"value": "Ruckus Networks Unleashed AP, en versiones de firmware anteriores a 200.6.10.1.x y Ruckus Networks Zone Director, en versiones de firmware 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x y 10.0.1.0.x o anteriores, contienen inyecci\u00f3n de comandos root autenticados en la interfaz de l\u00ednea de comandos que podr\u00edan permitir que usuarios autenticados v\u00e1lidos ejecuten comandos privilegiados en los respectivos sistemas."
}
],
"id": "CVE-2017-6229",
"lastModified": "2024-11-21T03:29:18.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-14T19:29:00.213",
"references": [
{
"source": "sirt@brocade.com",
"tags": [
"Vendor Advisory"
],
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
}
],
"sourceIdentifier": "sirt@brocade.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to make the Secure Boot in failed attempts state (rfwd).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to make the Secure Boot in failed attempts state (rfwd)."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a atacantes realizar el arranque seguro en estado de intentos fallidos (rfwd)."
}
],
"id": "CVE-2020-22656",
"lastModified": "2025-04-03T18:15:39.513",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.720",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1272"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, SmartCell Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes evitar el error de suma de comprobaci\u00f3n md5 incorrecta de la imagen del firmware."
}
],
"id": "CVE-2020-22654",
"lastModified": "2025-04-03T18:15:39.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.610",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, celda inteligente Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes realizar una omisi\u00f3n de autenticaci\u00f3n de inicio de sesi\u00f3n en la GUI WEB."
}
],
"id": "CVE-2020-22657",
"lastModified": "2025-04-03T18:15:39.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.787",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 19:15
Modified
2025-04-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruckuswireless | r310_firmware | 10.5.1.0.199 | |
| ruckuswireless | r310 | - | |
| ruckuswireless | r500_firmware | 10.5.1.0.199 | |
| ruckuswireless | r500 | - | |
| ruckuswireless | r600_firmware | 10.5.1.0.199 | |
| ruckuswireless | r600 | - | |
| ruckuswireless | t300_firmware | 10.5.1.0.199 | |
| ruckuswireless | t300 | - | |
| ruckuswireless | t301n_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301n | - | |
| ruckuswireless | t301s_firmware | 10.5.1.0.199 | |
| ruckuswireless | t301s | - | |
| ruckuswireless | scg200_firmware | * | |
| ruckuswireless | scg200 | - | |
| ruckuswireless | sz-100_firmware | * | |
| ruckuswireless | sz-100 | - | |
| ruckuswireless | sz-300_firmware | * | |
| ruckuswireless | sz-300 | - | |
| ruckuswireless | vsz_firmware | * | |
| ruckuswireless | vsz | - | |
| ruckuswireless | zonedirector_1100_firmware | 9.10.2.0.130 | |
| ruckuswireless | zonedirector_1100 | - | |
| ruckuswireless | zonedirector_1200_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_1200 | - | |
| ruckuswireless | zonedirector_3000_firmware | 10.2.1.0.218 | |
| ruckuswireless | zonedirector_3000 | - | |
| ruckuswireless | zonedirector_5000_firmware | 10.0.1.0.151 | |
| ruckuswireless | zonedirector_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED8801F-2B0B-480D-876D-9F662B995851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E54CB15F-CA79-403B-A1B1-B7832B65EEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "27E05347-1CFD-46FC-999A-90E6C40CEE26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "5D91278C-B07E-44FF-ABBA-10E8B5830FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "E0412E29-6DB5-4C01-B8C3-702EB7EBE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA3771-2795-403D-8506-C155403C8B7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775F1067-344F-49AD-9901-97D2F1AC5F0F",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB3968-8D8A-4D04-B3D1-18A28CA8C249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BCF71C-8A66-45C8-B1ED-8957B670CBF5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA2295-79BE-4728-8BF2-DEAB2BCAA0E5",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E5690D-7955-4E12-AE51-C3CDAD596096",
"versionEndExcluding": "3.6.2.0.795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*",
"matchCriteriaId": "76872953-AA21-41F1-832E-5CD04CA0FF9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF376AF6-E73A-425B-8E31-36330D8FEB73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "83AD20A3-C56E-4436-A9CC-29884EF9EB67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*",
"matchCriteriaId": "86A26EBE-4077-4DE7-BC6C-D38F5A3D3E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F42A8-8785-48A5-B0B0-68504EFD38B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*",
"matchCriteriaId": "04D53E59-6431-4ED3-BA0B-E54B2FBCDE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA49DE5-DA7F-4531-9ACF-353561DA90E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature."
},
{
"lang": "es",
"value": "En Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0 .199, SmartCell Gateway 200 (SCG200) anterior a 3.6.2.0.795, SmartZone 100 (SZ-100) anterior a 3.6.2.0.795, SmartZone 300 (SZ300) anterior a 3.6.2.0.795, Virtual SmartZone (vSZ) anterior a 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, una vulnerabilidad permite a los atacantes explotar la firma de la imagen oficial para forzar la inyecci\u00f3n de una firma de imagen no autorizada."
}
],
"id": "CVE-2020-22659",
"lastModified": "2025-04-03T18:15:40.023",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-01-20T19:15:12.897",
"references": [
{
"source": "cve@mitre.org",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ruckuswireless.com/security_bulletins/302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}