Lucene search

Ruckus Zoneflex R500 Firmware Security Vulnerabilities

cve

CVE-2020-8033

Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name...

6.1CVSS

6AI Score

0.001EPSS

2020-05-05 06:15 PM

cve

CVE-2020-7983

A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF...

8.1CVSS

8.1AI Score

0.003EPSS

2020-05-05 06:15 PM

cve

CVE-2020-8830

CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin...

8.8CVSS

8.6AI Score

0.001EPSS

2020-05-05 06:15 PM

cve

CVE-2020-8438

Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS}...

7.2CVSS

7.3AI Score

0.004EPSS

2020-01-29 11:15 PM