PT-2020-19898 · Ruckus · Ruckus R500

Published

2020-05-05

Updated

2020-05-07

CVE-2020-7983

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Ruckus R500 version 3.4.2.0.384

Description A CSRF issue in the "login.asp" page allows remote attackers to access the panel or conduct SSRF attacks.

Recommendations For version 3.4.2.0.384, consider disabling access to the "login.asp" page until a patch is available. Restrict access to the login functionality to minimize the risk of exploitation.

Exploit

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2020-7983

Affected Products

Ruckus R500

PT-2020-19898 · Ruckus · Ruckus R500

CVE-2020-7983

Weakness Enumeration

Related Identifiers

Affected Products

References · 3