← volver
CVE-2020-26878

CVE-2020-26878

EPSS 11.5%
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://adepts.of0x.cchttps://adepts.of0x.cc/ruckus-vriot-rce/https://support.ruckuswireless.com/documentshttps://support.ruckuswireless.com/security_bulletins/305https://twitter.com/TheXC3LLhttps://x-c3ll.github.io