CVE-2020-22662: Command Injection
First published: Fri Jan 20 2023(Updated: )
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Ruckus Wireless R310 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless R310 | ||
| All of | ||
| Arris Ruckus Zoneflex R500 Firmware | =10.5.1.0.199 | |
| Arris Ruckus Zoneflex R500 | ||
| All of | ||
| Ruckus Wireless R600 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless R600 | ||
| All of | ||
| Ruckus Wireless T300 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T300 | ||
| All of | ||
| Ruckus Wireless T301n Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T301n | ||
| All of | ||
| Ruckus Wireless T301s Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T301s | ||
| All of | ||
| Ruckus Wireless SCG200 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SCG200 | ||
| All of | ||
| Ruckus Wireless SZ-100 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SZ-100 Firmware | ||
| All of | ||
| Ruckus Wireless SZ-300 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SZ-300 Firmware | ||
| All of | ||
| Ruckus Wireless VSZ | <3.6.2.0.795 | |
| Ruckus Wireless VSZ | ||
| All of | ||
| Ruckus Wireless ZoneDirector 1100 firmware | =9.10.2.0.130 | |
| Ruckus Wireless ZoneDirector 1100 | ||
| All of | ||
| Ruckus Wireless ZoneDirector 1200 Firmware | =10.2.1.0.218 | |
| Ruckus Wireless ZoneDirector 1200 | ||
| All of | ||
| Ruckus Wireless ZoneDirector 3000 | =10.2.1.0.218 | |
| Ruckus Wireless ZoneDirector 3000 | ||
| All of | ||
| Ruckus Wireless ZoneDirector 5000 | =10.0.1.0.151 | |
| Ruckus Wireless ZoneDirector 5000 | ||
| Ruckus Wireless R310 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless R310 | ||
| Arris Ruckus Zoneflex R500 Firmware | =10.5.1.0.199 | |
| Arris Ruckus Zoneflex R500 | ||
| Ruckus Wireless R600 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless R600 | ||
| Ruckus Wireless T300 Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T300 | ||
| Ruckus Wireless T301n Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T301n | ||
| Ruckus Wireless T301s Firmware | =10.5.1.0.199 | |
| Ruckus Wireless T301s | ||
| Ruckus Wireless SCG200 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SCG200 | ||
| Ruckus Wireless SZ-100 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SZ-100 Firmware | ||
| Ruckus Wireless SZ-300 Firmware | <3.6.2.0.795 | |
| Ruckus Wireless SZ-300 Firmware | ||
| Ruckus Wireless VSZ | <3.6.2.0.795 | |
| Ruckus Wireless VSZ | ||
| Ruckus Wireless ZoneDirector 1100 firmware | =9.10.2.0.130 | |
| Ruckus Wireless ZoneDirector 1100 | ||
| Ruckus Wireless ZoneDirector 1200 Firmware | =10.2.1.0.218 | |
| Ruckus Wireless ZoneDirector 1200 | ||
| Ruckus Wireless ZoneDirector 3000 | =10.2.1.0.218 | |
| Ruckus Wireless ZoneDirector 3000 | ||
| Ruckus Wireless ZoneDirector 5000 | =10.0.1.0.151 | |
| Ruckus Wireless ZoneDirector 5000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/type
- agent/severity
- agent/remedy
- agent/event
- agent/description
- agent/first-publish-date
- agent/references
- agent/author
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ruckuswireless
- canonical/ruckus wireless r310 firmware
- version/ruckus wireless r310 firmware/10.5.1.0.199
- canonical/ruckus wireless r310
- canonical/arris ruckus zoneflex r500 firmware
- version/arris ruckus zoneflex r500 firmware/10.5.1.0.199
- canonical/arris ruckus zoneflex r500
- canonical/ruckus wireless r600 firmware
- version/ruckus wireless r600 firmware/10.5.1.0.199
- canonical/ruckus wireless r600
- canonical/ruckus wireless t300 firmware
- version/ruckus wireless t300 firmware/10.5.1.0.199
- canonical/ruckus wireless t300
- canonical/ruckus wireless t301n firmware
- version/ruckus wireless t301n firmware/10.5.1.0.199
- canonical/ruckus wireless t301n
- canonical/ruckus wireless t301s firmware
- version/ruckus wireless t301s firmware/10.5.1.0.199
- canonical/ruckus wireless t301s
- canonical/ruckus wireless scg200 firmware
- canonical/ruckus wireless scg200
- canonical/ruckus wireless sz-100 firmware
- canonical/ruckus wireless sz-300 firmware
- canonical/ruckus wireless vsz
- canonical/ruckus wireless zonedirector 1100 firmware
- version/ruckus wireless zonedirector 1100 firmware/9.10.2.0.130
- canonical/ruckus wireless zonedirector 1100
- canonical/ruckus wireless zonedirector 1200 firmware
- version/ruckus wireless zonedirector 1200 firmware/10.2.1.0.218
- canonical/ruckus wireless zonedirector 1200
- canonical/ruckus wireless zonedirector 3000
- version/ruckus wireless zonedirector 3000/10.2.1.0.218
- canonical/ruckus wireless zonedirector 5000
- version/ruckus wireless zonedirector 5000/10.0.1.0.151