PT-2020-13779 · Ruckus Wireless · Ruckus Wireless Unleashed

Published

2020-07-28

Updated

2021-07-21

CVE-2020-13918

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ruckus Wireless Unleashed versions through 200.7.10.102.92

Description The issue allows a remote attacker to leak system information via an unauthenticated crafted HTTP request due to incorrect access control. This can potentially be used for a jailbreak. The estimated number of potentially affected devices is not specified.

Recommendations For versions through 200.7.10.102.92, update to a version later than 200.7.10.102.92 to resolve the issue. As a temporary workaround, consider restricting access to the affected HTTP endpoints to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-13918

Affected Products

Ruckus Wireless Unleashed

PT-2020-13779 · Ruckus Wireless · Ruckus Wireless Unleashed

CVE-2020-13918

Related Identifiers

Affected Products

References · 3