Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for smartzone_managed_access_point_firmware by ruckuswireless

    CVE-2017-6230 (GCVE-0-2017-6230)

    Vulnerability from nvd – Published: 2018-02-14 19:00 – Updated: 2024-09-16 19:04
    VLAI
    Summary
    Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems.
    Severity
    No CVSS data available.
    CWE
    • Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Ruckus Networks Solo APs and SZ managed APs Affected: Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before
    Create a notification for this product.
    Date Public
    2018-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T15:25:48.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ruckus Networks Solo APs and SZ managed APs",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before"
                }
              ]
            }
          ],
          "datePublic": "2018-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-14T18:57:02.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "DATE_PUBLIC": "2018-02-09T00:00:00",
              "ID": "CVE-2017-6230",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ruckus Networks Solo APs and SZ managed APs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt",
                  "refsource": "CONFIRM",
                  "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2017-6230",
        "datePublished": "2018-02-14T19:00:00.000Z",
        "dateReserved": "2017-02-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:04:44.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-6230 (GCVE-0-2017-6230)

    Vulnerability from cvelistv5 – Published: 2018-02-14 19:00 – Updated: 2024-09-16 19:04
    VLAI
    Summary
    Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems.
    Severity
    No CVSS data available.
    CWE
    • Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Ruckus Networks Solo APs and SZ managed APs Affected: Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before
    Create a notification for this product.
    Date Public
    2018-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T15:25:48.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ruckus Networks Solo APs and SZ managed APs",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before"
                }
              ]
            }
          ],
          "datePublic": "2018-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-14T18:57:02.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "DATE_PUBLIC": "2018-02-09T00:00:00",
              "ID": "CVE-2017-6230",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ruckus Networks Solo APs and SZ managed APs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Solo AP firmware releases R110.x or before and SZ managed APs firmware release R5.x or before"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authenticated command injection in WebUI interface of Solo and managed AP via tftp upgrade option."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt",
                  "refsource": "CONFIRM",
                  "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2017-6230",
        "datePublished": "2018-02-14T19:00:00.000Z",
        "dateReserved": "2017-02-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:04:44.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }