CVE-2019-19843

Опубликовано: 22 янв. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

Ссылки

https://alephsecurity.com/2020/01/14/ruckus-wireless
Exploit
Technical Description
Third Party Advisory
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html
Third Party Advisory
https://www.ruckuswireless.com/security/299/view/txt
Vendor Advisory
https://alephsecurity.com/2020/01/14/ruckus-wireless
Exploit
Technical Description
Third Party Advisory
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html
Third Party Advisory
https://www.ruckuswireless.com/security/299/view/txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*

Версия до 200.7.10.202.94 (исключая)

Одно из

cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из