Ruckus

All CVEs

65 total · sorted by risk
  • CVE-2020-13916 · Jul 28, 2020
    risk 0.00 · cvss · epss 0.04

    A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510, R600, R610, R710, R720, R750, T300, T301n,…

  • CVE-2020-13915 · Jul 28, 2020
    risk 0.00 · cvss · epss 0.02

    Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510, R600, R610, R710, R720,…

  • CVE-2020-13914 · Jul 28, 2020
    risk 0.00 · cvss · epss 0.02

    webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510, R600, R610, R710,…

  • CVE-2020-13913 · Jul 28, 2020
    risk 0.00 · cvss · epss 0.01

    An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510, R600, R610, R710, R720, R750, T300, T301n,…

  • CVE-2020-8033 · May 5, 2020
    risk 0.00 · cvss · epss 0.01

    Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.

  • CVE-2020-7983 · May 5, 2020
    risk 0.00 · cvss · epss 0.01

    A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.

  • CVE-2020-8438 · Jan 29, 2020
    risk 0.00 · cvss · epss 0.02

    Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring.

  • CVE-2019-19839 · Jan 23, 2020
    risk 0.00 · cvss · epss 0.03

    emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.

  • CVE-2019-19835 · Jan 23, 2020
    risk 0.00 · cvss · epss 0.02

    SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.

  • CVE-2019-19837 · Jan 23, 2020
    risk 0.00 · cvss · epss 0.02

    Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.

  • CVE-2019-19841 · Jan 22, 2020
    risk 0.00 · cvss · epss 0.03

    emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.

  • CVE-2019-19843 · Jan 22, 2020
    risk 0.00 · cvss · epss 0.02

    Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

  • CVE-2019-19836 · Jan 22, 2020
    risk 0.00 · cvss · epss 0.04

    AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.

  • CVE-2019-19834 · Jan 22, 2020
    risk 0.00 · cvss · epss 0.02

    Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.

  • CVE-2020-7234 · Jan 19, 2020
    risk 0.00 · cvss · epss 0.01

    Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration > Radio 2.4G > Wireless X screen (after a successful login to the super account).
