Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

VAR-202301-1662

Vulnerability from variot - Updated: 2025-04-04 23:31

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI. plural Ruckus Networks ( Old Ruckus Wireless, Inc.) Contains a command injection vulnerability.Information may be tampered with

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-1662",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zonedirector 1100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.130"
      },
      {
        "model": "t301s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r310",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "t301n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "zonedirector 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.2.1.0.218"
      },
      {
        "model": "sz-100",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "t300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "sz-300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "zonedirector 5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.151"
      },
      {
        "model": "scg200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "zonedirector 1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.2.1.0.218"
      },
      {
        "model": "vsz",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "vsz",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "zonedirector 3000",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "sz-100",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "t300",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r310",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r600",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "zonedirector 5000",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r500",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "zonedirector 1100",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "scg200",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "cve": "CVE-2020-22662",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-22662",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-22662",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-22662",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "id": "CVE-2020-22662",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-22662",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-1621",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized \"illegal region code\" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI. plural Ruckus Networks ( Old Ruckus Wireless, Inc.) Contains a command injection vulnerability.Information may be tampered with",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22662"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-22662",
        "trust": 3.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621",
        "trust": 0.6
      },
      {
        "db": "OTHER",
        "id": "NONE",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22662",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "id": "VAR-202301-1662",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "OTHER",
        "id": null
      }
    ],
    "trust": 0.01
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "network device"
        ],
        "sub_category": "access point",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      }
    ]
  },
  "last_update_date": "2025-04-04T23:31:31.610000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Bulletin\u00a020200302",
        "trust": 0.8,
        "url": "https://support.ruckuswireless.com/security_bulletins/302"
      },
      {
        "title": "Ruckus Networks Repair measures for command injection vulnerabilities in multiple products",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223507"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-77",
        "trust": 1.0
      },
      {
        "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.ruckuswireless.com/security_bulletins/302"
      },
      {
        "trust": 1.0,
        "url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-22662"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2020-22662/"
      },
      {
        "trust": 0.1,
        "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-20T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-22662"
      },
      {
        "date": "2023-07-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "date": "2023-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "date": "2023-01-20T19:15:13.063000",
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-22662"
      },
      {
        "date": "2023-07-11T06:53:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      },
      {
        "date": "2023-02-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      },
      {
        "date": "2025-04-03T18:15:40.630000",
        "db": "NVD",
        "id": "CVE-2020-22662"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Ruckus\u00a0Networks\u00a0( Old \u00a0Ruckus\u00a0Wireless,\u00a0Inc.)\u00a0 Command injection vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017630"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "command injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1621"
      }
    ],
    "trust": 0.6
  }
}

VAR-202301-1812

Vulnerability from variot - Updated: 2025-04-04 22:36

R310 firmware, R500 firmware, R600 firmware etc. Ruckus Networks ( Old Ruckus Wireless, Inc.) The product contains authentication vulnerabilities.Information may be obtained and information may be tampered with.

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-1812",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zonedirector 1100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.130"
      },
      {
        "model": "t301s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r310",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "r600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "t301n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "zonedirector 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.2.1.0.218"
      },
      {
        "model": "sz-100",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "t300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.5.1.0.199"
      },
      {
        "model": "sz-300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "zonedirector 5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.151"
      },
      {
        "model": "scg200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "zonedirector 1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.2.1.0.218"
      },
      {
        "model": "vsz",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "3.6.2.0.795"
      },
      {
        "model": "t301s",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "sz-300",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r310",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "scg200",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "t300",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r600",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "t301n",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "sz-100",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "r500",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      },
      {
        "model": "vsz",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus \u65e7 ruckus",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "cve": "CVE-2020-22657",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-22657",
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 9.1,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2020-22657",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-22657",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "id": "CVE-2020-22657",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-22657",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-1629",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "R310 firmware, R500 firmware, R600 firmware etc. Ruckus Networks ( Old Ruckus Wireless, Inc.) The product contains authentication vulnerabilities.Information may be obtained and information may be tampered with.",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      }
    ],
    "trust": 0.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-22657",
        "trust": 3.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629",
        "trust": 0.6
      },
      {
        "db": "OTHER",
        "id": "NONE",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22657",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22657"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "id": "VAR-202301-1812",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "OTHER",
        "id": null
      }
    ],
    "trust": 0.01
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "network device"
        ],
        "sub_category": "gateway",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      }
    ]
  },
  "last_update_date": "2025-04-04T22:36:42.625000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Ruckus Networks Unleashed C110 Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223297"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.0
      },
      {
        "problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.ruckuswireless.com/security_bulletins/302"
      },
      {
        "trust": 1.0,
        "url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-22657"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2020-22657/"
      },
      {
        "trust": 0.1,
        "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22657"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-22657"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-20T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-22657"
      },
      {
        "date": "2023-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "date": "2023-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "date": "2023-01-20T19:15:12.787000",
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-22657"
      },
      {
        "date": "2023-07-05T08:12:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      },
      {
        "date": "2023-02-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      },
      {
        "date": "2025-04-03T18:15:39.810000",
        "db": "NVD",
        "id": "CVE-2020-22657"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Ruckus\u00a0Networks\u00a0( Old \u00a0Ruckus\u00a0Wireless,\u00a0Inc.)\u00a0 Product certification vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-017615"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-1629"
      }
    ],
    "trust": 0.6
  }
}

VAR-201802-0642

Vulnerability from variot - Updated: 2024-11-23 23:08

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201802-0642",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zonedirector 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ruckuswireless",
        "version": "10.1.0.0.1515"
      },
      {
        "model": "zonedirector 3000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ruckuswireless",
        "version": "10.1.0.0.1515"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.28"
      },
      {
        "model": "t300e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.22"
      },
      {
        "model": "t301",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "t710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r310",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "h510",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.145"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.53"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.83"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.44"
      },
      {
        "model": "t300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.17"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.11"
      },
      {
        "model": "t610",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.22"
      },
      {
        "model": "r720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "r510",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.17"
      },
      {
        "model": "zonedirector 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.11"
      },
      {
        "model": "zonedirector 1200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.28"
      },
      {
        "model": "h320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "200.6.10.1.0"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "10.0.1.0.44"
      },
      {
        "model": "zonedirector 1200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.10.2.0.53"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.13.3.0.145"
      },
      {
        "model": "zonedirector 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "9.12.3.0.83"
      },
      {
        "model": "h320",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "h510",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r310",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r500",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r510",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r600",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r710",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "r720",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t300",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t300e",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t301",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t610",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "t710",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "zonedirector 1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "zonedirector 3000",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:h320_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:h510_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r310_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r510_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r710_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r720_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t300e_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t301_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t610_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:t710_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_3000_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ]
  },
  "cve": "CVE-2017-6229",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-6229",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-114432",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-6229",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-6229",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-6229",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201802-916",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-114432",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6229",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-114432",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "id": "VAR-201802-0642",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T23:08:46.893000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Authenticated Root Command Injection Vulnerabilities in CLI of ZD/Unleashed APs and Web-GUI of Solo/SZ Managed APs (CVE-2017-6229, CVE2017-6230)",
        "trust": 0.8,
        "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6229"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6229"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "date": "2018-03-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "date": "2018-02-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "date": "2018-02-14T19:29:00.213000",
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114432"
      },
      {
        "date": "2018-03-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      },
      {
        "date": "2018-08-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      },
      {
        "date": "2024-11-21T03:29:18.477000",
        "db": "NVD",
        "id": "CVE-2017-6229"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Networks Unleashed AP and  Zone Director In firmware  OS Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012629"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-916"
      }
    ],
    "trust": 0.6
  }
}

VAR-202001-1779

Vulnerability from variot - Updated: 2024-11-23 22:11

Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration > Radio 2.4G > Wireless X screen (after a successful login to the super account). Ruckus ZoneFlex The device contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. Ruckus ZoneFlex R310 is an indoor 802.11ac Wi-Fi access point. The vulnerability stems from the lack of proper verification of client data by web applications. Attackers can use this vulnerability to execute client code

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1779",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "r310",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ruckuswireless",
        "version": "104.0.0.0.1347"
      },
      {
        "model": "r310",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ruckus",
        "version": "104.0.0.0.1347"
      },
      {
        "model": "wireless zoneflex r310",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ruckus",
        "version": "104.0.0.0.1347"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ruckus_wireless:r310_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      }
    ]
  },
  "cve": "CVE-2020-7234",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2020-7234",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2020-03934",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.7,
            "id": "CVE-2020-7234",
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2020-7234",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "High",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-7234",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-7234",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-03934",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202001-878",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration \u003e Radio 2.4G \u003e Wireless X screen (after a successful login to the super account). Ruckus ZoneFlex The device contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. Ruckus ZoneFlex R310 is an indoor 802.11ac Wi-Fi access point. The vulnerability stems from the lack of proper verification of client data by web applications. Attackers can use this vulnerability to execute client code",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7234",
        "trust": 3.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "id": "VAR-202001-1779",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:11:38.779000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "R310 Indoor Access Point",
        "trust": 0.8,
        "url": "https://www.ruckuswireless.com/products/access-points/ruckus-indoor/ruckus-r310"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://sku11army.blogspot.com/2020/01/ruckus-wireless-authenticated-stored.html"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7234"
      },
      {
        "trust": 1.2,
        "url": "https://sku11army.blogspot.com/2020/01/uhp-networks-multiple-reflected-xss-in.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7234"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "date": "2020-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "date": "2020-01-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "date": "2020-01-19T21:15:10.943000",
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "date": "2020-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-001412"
      },
      {
        "date": "2021-01-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      },
      {
        "date": "2024-11-21T05:36:53.223000",
        "db": "NVD",
        "id": "CVE-2020-7234"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus ZoneFlex R310 Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-03934"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202001-878"
      }
    ],
    "trust": 0.6
  }
}

Search criteria

4 vulnerabilities found for r310 by ruckuswireless

VAR-202301-1662

VAR-202301-1812

VAR-201802-0642

VAR-202001-1779