CVE-2020-13916: Buffer Overflow
First published: Tue Jul 28 2020(Updated: )
A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ruckuswireless Unleashed firmware | <=200.7.10.102.92 | |
| Ruckus Wireless C110 | ||
| Ruckus Wireless E510 | ||
| Ruckus Wireless H320 | ||
| Ruckus Wireless H510 | ||
| Ruckus Wireless M510 | ||
| Ruckus Wireless R310 | ||
| Ruckus Wireless R320 | ||
| Arris Ruckus Zoneflex R500 | ||
| Ruckus Wireless R510 | ||
| Ruckus Wireless R600 | ||
| Ruckus Wireless R610 | ||
| Ruckus Wireless R710 | ||
| Ruckus Wireless R720 | ||
| Ruckus Wireless R750 | ||
| Ruckus Wireless T300 | ||
| Ruckus Wireless T301n | ||
| Ruckus Wireless T301s | ||
| Ruckus Wireless T310c | ||
| Ruckus Wireless T310d | ||
| Ruckus Wireless T310n | ||
| Ruckus Wireless T310s | ||
| Ruckus Wireless T610 | ||
| Ruckus Wireless T710 | ||
| Ruckus Wireless T710S |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-13916?
CVE-2020-13916 is a critical severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2020-13916?
To fix CVE-2020-13916, upgrade to Ruckus Wireless Unleashed firmware version greater than 200.7.10.102.92.
Which devices are affected by CVE-2020-13916?
The vulnerable devices include various Ruckus Wireless Unleashed models up to firmware version 200.7.10.102.92.
What type of attack is possible with CVE-2020-13916?
An attacker can exploit CVE-2020-13916 to execute arbitrary code via an unauthenticated crafted HTTP request.
Is a workaround available for CVE-2020-13916?
There are no known workarounds for CVE-2020-13916; updating to a secure firmware version is required.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ruckuswireless
- canonical/ruckuswireless unleashed firmware
- version/ruckuswireless unleashed firmware/200.7.10.102.92
- canonical/ruckus wireless c110
- canonical/ruckus wireless e510
- canonical/ruckus wireless h320
- canonical/ruckus wireless h510
- canonical/ruckus wireless m510
- canonical/ruckus wireless r310
- canonical/ruckus wireless r320
- canonical/arris ruckus zoneflex r500
- canonical/ruckus wireless r510
- canonical/ruckus wireless r600
- canonical/ruckus wireless r610
- canonical/ruckus wireless r710
- canonical/ruckus wireless r720
- canonical/ruckus wireless r750
- canonical/ruckus wireless t300
- canonical/ruckus wireless t301n
- canonical/ruckus wireless t301s
- canonical/ruckus wireless t310c
- canonical/ruckus wireless t310d
- canonical/ruckus wireless t310n
- canonical/ruckus wireless t310s
- canonical/ruckus wireless t610
- canonical/ruckus wireless t710
- canonical/ruckus wireless t710s