← back
CVE-2020-26879

CVE-2020-26879

EPSS 42.5%
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://adepts.of0x.cchttps://adepts.of0x.cc/ruckus-vriot-rce/https://support.ruckuswireless.com/documentshttps://support.ruckuswireless.com/security_bulletins/305https://twitter.com/TheXC3LLhttps://x-c3ll.github.io