CVE-2020-13917: Command Injection
First published: Tue Jul 28 2020(Updated: )
rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ruckuswireless Unleashed firmware | <=200.7.10.102.92 | |
| Ruckus Wireless C110 | ||
| Ruckus Wireless E510 | ||
| Ruckus Wireless H320 | ||
| Ruckus Wireless H510 | ||
| Ruckus Wireless M510 | ||
| Ruckus Wireless R310 | ||
| Ruckus Wireless R320 | ||
| Arris Ruckus Zoneflex R500 | ||
| Ruckus Wireless R510 | ||
| Ruckus Wireless R600 | ||
| Ruckus Wireless R610 | ||
| Ruckus Wireless R710 | ||
| Ruckus Wireless R720 | ||
| Ruckus Wireless R750 | ||
| Ruckus Wireless T300 | ||
| Ruckus Wireless T301n | ||
| Ruckus Wireless T301s | ||
| Ruckus Wireless T310c | ||
| Ruckus Wireless T310d | ||
| Ruckus Wireless T310n | ||
| Ruckus Wireless T310s | ||
| Ruckus Wireless T610 | ||
| Ruckus Wireless T710 | ||
| Ruckus Wireless T710S |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-13917?
CVE-2020-13917 is classified as a high-severity vulnerability due to its potential for remote command injection.
How do I fix CVE-2020-13917?
To fix CVE-2020-13917, update the Ruckus Wireless Unleashed firmware to a version later than 200.7.10.102.
Which devices are affected by CVE-2020-13917?
CVE-2020-13917 affects various Ruckus Wireless devices running vulnerable firmware, including the C110, E510, H320, and R series.
Can CVE-2020-13917 lead to unauthorized access?
Yes, CVE-2020-13917 can allow remote attackers to achieve command injection, potentially leading to unauthorized access to the device.
Is CVE-2020-13917 being actively exploited?
At the time of identification, CVE-2020-13917 was considered a critical vulnerability, prompting organizations to take immediate action to mitigate risks.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ruckuswireless
- canonical/ruckuswireless unleashed firmware
- version/ruckuswireless unleashed firmware/200.7.10.102.92
- canonical/ruckus wireless c110
- canonical/ruckus wireless e510
- canonical/ruckus wireless h320
- canonical/ruckus wireless h510
- canonical/ruckus wireless m510
- canonical/ruckus wireless r310
- canonical/ruckus wireless r320
- canonical/arris ruckus zoneflex r500
- canonical/ruckus wireless r510
- canonical/ruckus wireless r600
- canonical/ruckus wireless r610
- canonical/ruckus wireless r710
- canonical/ruckus wireless r720
- canonical/ruckus wireless r750
- canonical/ruckus wireless t300
- canonical/ruckus wireless t301n
- canonical/ruckus wireless t301s
- canonical/ruckus wireless t310c
- canonical/ruckus wireless t310d
- canonical/ruckus wireless t310n
- canonical/ruckus wireless t310s
- canonical/ruckus wireless t610
- canonical/ruckus wireless t710
- canonical/ruckus wireless t710s