VAR-201802-0642
Vulnerability from variot - Updated: 2024-11-23 23:08Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0642",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zonedirector 1200",
"scope": "eq",
"trust": 1.6,
"vendor": "ruckuswireless",
"version": "10.1.0.0.1515"
},
{
"model": "zonedirector 3000",
"scope": "eq",
"trust": 1.6,
"vendor": "ruckuswireless",
"version": "10.1.0.0.1515"
},
{
"model": "zonedirector 3000",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.12.3.0.28"
},
{
"model": "t300e",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 1200",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.13.3.0.22"
},
{
"model": "t301",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "r710",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "r500",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "t710",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "r310",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "h510",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "r600",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 1200",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.13.3.0.145"
},
{
"model": "zonedirector 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.10.2.0.53"
},
{
"model": "zonedirector 1200",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.12.3.0.83"
},
{
"model": "zonedirector 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "10.0.1.0.44"
},
{
"model": "t300",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 1200",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "10.0.1.0.17"
},
{
"model": "zonedirector 1200",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.10.2.0.11"
},
{
"model": "t610",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 3000",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.13.3.0.22"
},
{
"model": "r720",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "r510",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 3000",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "10.0.1.0.17"
},
{
"model": "zonedirector 3000",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.10.2.0.11"
},
{
"model": "zonedirector 1200",
"scope": "gte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.12.3.0.28"
},
{
"model": "h320",
"scope": "lt",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "200.6.10.1.0"
},
{
"model": "zonedirector 1200",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "10.0.1.0.44"
},
{
"model": "zonedirector 1200",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.10.2.0.53"
},
{
"model": "zonedirector 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.13.3.0.145"
},
{
"model": "zonedirector 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "ruckuswireless",
"version": "9.12.3.0.83"
},
{
"model": "h320",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "h510",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r310",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r500",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r510",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r600",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r710",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "r720",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "t300",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "t300e",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "t301",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "t610",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "t710",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "zonedirector 1200",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": "zonedirector 3000",
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ruckus_wireless:h320_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:h510_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r310_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r510_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r710_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:r720_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:t300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:t300e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:t301_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:t610_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:t710_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_1200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ruckus_wireless:zonedirector_3000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
}
]
},
"cve": "CVE-2017-6229",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-6229",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-114432",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-6229",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-6229",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-6229",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201802-916",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-114432",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114432"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. Both Ruckus Networks Unleashed AP and Ruckus Networks Zone Director are wireless access points from Ruckus Wireless. A remote attacker could exploit this vulnerability to execute privileged commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "VULHUB",
"id": "VHN-114432"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6229",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-114432",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114432"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"id": "VAR-201802-0642",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-114432"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:08:46.893000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Authenticated Root Command Injection Vulnerabilities in CLI of ZD/Unleashed APs and Web-GUI of Solo/SZ Managed APs (CVE-2017-6229, CVE2017-6230)",
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114432"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6229"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6229"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114432"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-114432"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-14T00:00:00",
"db": "VULHUB",
"id": "VHN-114432"
},
{
"date": "2018-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"date": "2018-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"date": "2018-02-14T19:29:00.213000",
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-114432"
},
{
"date": "2018-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012629"
},
{
"date": "2018-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-916"
},
{
"date": "2024-11-21T03:29:18.477000",
"db": "NVD",
"id": "CVE-2017-6229"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruckus Networks Unleashed AP and Zone Director In firmware OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012629"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-916"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…