First published: Wed Jan 22 2020(Updated: )
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ruckuswireless Unleashed | <200.7.10.202.94 | |
Ruckuswireless C110 | ||
Ruckuswireless E510 | ||
Ruckuswireless H320 | ||
Ruckuswireless H510 | ||
Ruckuswireless M510 | ||
Ruckuswireless R310 | ||
Ruckuswireless R320 | ||
Ruckuswireless R510 | ||
Ruckuswireless R610 | ||
Ruckuswireless R710 | ||
Ruckuswireless R720 | ||
Ruckuswireless T310 | ||
Ruckuswireless T610 | ||
Ruckuswireless T710 | ||
Ruckuswireless Zonedirector 1200 Firmware | <9.10.2.0.84 | |
Ruckuswireless Zonedirector 1200 Firmware | >=9.12.0<9.12.3.0.136 | |
Ruckuswireless Zonedirector 1200 Firmware | >=9.13.0<10.0.1.0.90 | |
Ruckuswireless Zonedirector 1200 Firmware | >=10.1.0<10.1.2.0.275 | |
Ruckuswireless Zonedirector 1200 Firmware | >=10.2.0<10.2.1.0.147 | |
Ruckuswireless Zonedirector 1200 Firmware | >=10.3.0<10.3.1.0.21 | |
Ruckuswireless Zonedirector 1200 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.