← voltar
CVE-2020-26878

CVE-2020-26878

EPSS 11.5%
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://adepts.of0x.cchttps://adepts.of0x.cc/ruckus-vriot-rce/https://support.ruckuswireless.com/documentshttps://support.ruckuswireless.com/security_bulletins/305https://twitter.com/TheXC3LLhttps://x-c3ll.github.io