CVE-2020-13919

Опубликовано: 28 июл. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

Ссылки

https://support.ruckuswireless.com/security_bulletins/304
Vendor Advisory
https://support.ruckuswireless.com/security_bulletins/304
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*

Версия до 200.7.10.102.92 (включая)

Одно из

cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*

cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00766

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-77

Связанные уязвимости

GHSA-q9r7-c339-rwv2

github

больше 3 лет назад