CVE-2020-26879

Опубликовано: 26 окт. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Высокий

Описание

Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.

Ссылки

https://adepts.of0x.cc
Third Party Advisory
https://adepts.of0x.cc/ruckus-vriot-rce/
Exploit
Third Party Advisory
https://support.ruckuswireless.com/documents
Vendor Advisory
https://support.ruckuswireless.com/security_bulletins/305
Product
Vendor Advisory
https://twitter.com/TheXC3LL
Third Party Advisory
https://x-c3ll.github.io
Third Party Advisory
https://adepts.of0x.cc
Third Party Advisory
https://adepts.of0x.cc/ruckus-vriot-rce/
Exploit
Third Party Advisory
https://support.ruckuswireless.com/documents
Vendor Advisory
https://support.ruckuswireless.com/security_bulletins/305
Product
Vendor Advisory
https://twitter.com/TheXC3LL
Third Party Advisory
https://x-c3ll.github.io
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:commscope:ruckus_vriot:*:*:*:*:*:*:*:*

Версия до 1.5.1.0.21 (включая)

cpe:2.3:h:commscope:ruckus_iot_module:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.89451

Высокий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-v4g7-hcw8-gwmg

github

больше 3 лет назад