CVE-2021-33215

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal...

CVE-2021-33221

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints...

IBM Cloud Pak for Security 信息泄露漏洞

IBM Cloud Pak for Security is an application from IBM America, Inc. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. A security vulnerability exists in IBM Cloud Pak for Security CP4S that stems from...

CVE-2021-29894

IBM Cloud Pak for Security CP4S 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207320...

CVE-2021-29696

IBM Cloud Pak for Security CP4S 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request...

CVE-2021-20541

IBM Cloud Pak for Security CP4S 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927...

CVE-2021-20540

IBM Cloud Pak for Security CP4S 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923...

CVE-2021-33219

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts...

CVE-2021-33216

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account...

CVE-2021-33215

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal...

PT-2021-20086 · Commscope · Commscope Ruckus Iot Controller

Name of the Vulnerable Software and Affected Versions: CommScope Ruckus IoT Controller versions 1.7.1.0 and earlier Description: An issue exists in the CommScope Ruckus IoT Controller, where an undocumented backdoor allows shell access via a developer account. This backdoor enables unauthorized...

CommScope Ruckus IoT Controller 路径遍历漏洞

The Commscope CommScope Ruckus IoT Controller is an IoT controller from Commscope, Inc. A virtual controller that integrates with the SmartZone controller to perform connectivity, device and security management functions for non-Wi-Fi devices. A path traversal vulnerability exists in the CommScop...

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded System Passwords Vulnerability

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded System Passwords Vulnerability 1. Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-259: Use of Hard-coded Password CVE ID:...

CommScope Ruckus IoT Controller 访问控制错误漏洞

The Commscope CommScope Ruckus IoT Controller is an IoT controller from Commscope, Inc. A virtual controller that integrates with the SmartZone controller to perform connectivity, device and security management functions for non-Wi-Fi devices. An access control error vulnerability exists in...

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded Web Application Administrator Password

KL-001-2021-004: CommScope Ruckus IoT Controller Hard-coded Web Application Administrator Password Title: CommScope Ruckus IoT Controller Hard-coded Web Application Administrator Password Advisory ID: KL-001-2021-004 Publication Date: 2021.05.26 Publication URL:...

CommScope Ruckus IoT Controller 信任管理问题漏洞

The Commscope CommScope Ruckus IoT Controller is an IoT controller from Commscope, Inc. A virtual controller that integrates with the SmartZone controller to perform connectivity, device and security management functions for non-Wi-Fi devices. A trust management issue vulnerability exists in...

CVE-2020-26925

NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service...

Denial of service

NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service...

CVE-2020-5276 Reflected XSS on AdminCarts page of PrestaShop

In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a reflected XSS on AdminCarts page with cartBox parameter The problem is fixed in 1.7.6.5...

CVE-2016-8220

Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials at a public route...