← Volver a CVEs
CVE-2020-13918
HIGH7.5
Descripcion
Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado7/28/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
ruckuswireless:c110ruckuswireless:e510ruckuswireless:h320ruckuswireless:h510ruckuswireless:m510ruckuswireless:r310ruckuswireless:r320ruckuswireless:r500ruckuswireless:r510ruckuswireless:r600ruckuswireless:r610ruckuswireless:r710ruckuswireless:r720ruckuswireless:r750ruckuswireless:t300ruckuswireless:t301nruckuswireless:t301sruckuswireless:t310cruckuswireless:t310druckuswireless:t310nruckuswireless:t310sruckuswireless:t610ruckuswireless:t710ruckuswireless:t710sruckuswireless:unleashed_firmware
Referencias
https://support.ruckuswireless.com/security_bulletins/304(cve@mitre.org)
https://support.ruckuswireless.com/security_bulletins/304(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.