15 matches found
CVE-2020-7234
Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration Radio 2.4G Wireless X screen after a successful login to the super account...
EUVD-2020-28362
Malware in sbrugna...
EUVD-2020-29305
Malware in sbrugna...
CVE-2020-8438
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat$IFS substring...
CommScope Ruckus ZoneFlex R500 Cross-Site Scripting Vulnerability
CommScope Ruckus ZoneFlex R500 is a wireless access point product from CommScope, Inc. A cross-site scripting vulnerability exists in CommScope Ruckus ZoneFlex R500 version 3.4.2.0.384. No details of the vulnerability are provided at this time...
Ruckus ZoneFlex R500 OS Command Execution Vulnerability
The Ruckus ZoneFlex is a Wi-Fi access point. A security vulnerability in the Ruckus ZoneFlex R500 /forms/nslookupHandler form processing parameter allows remote attackers to exploit the vulnerability to submit a special request that can execute arbitrary OS commands...
CVE-2020-8438
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat$IFS substring...
CVE-2020-8438
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat$IFS substring...
Design/Logic Flaw
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat$IFS substring...
CVE-2020-8438
The CVE-2020-8438 entry concerns Ruckus ZoneFlex R500 devices (reported as version 104.0.0.0.1347) where an authenticated attacker can execute arbitrary OS commands through the hidden /forms/nslookupHandler form, demonstrated by the nslookuptarget=|cat${IFS} payload. The connected documents provi...
CVE-2020-8438
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat$IFS substring...
CVE-2020-7234
Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration Radio 2.4G Wireless X screen after a successful login to the super account...
CVE-2020-7234
Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration Radio 2.4G Wireless X screen after a successful login to the super account...
CVE-2020-7234
Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration Radio 2.4G Wireless X screen after a successful login to the super account...
Ruckus ZoneFlex R310 Cross-Site Scripting Vulnerability
The Ruckus ZoneFlex R310 is an indoor 802.11ac Wi-Fi access point. A cross-site scripting vulnerability exists in the Ruckus ZoneFlex R310 version 104.0.0.0.1347, which stems from a lack of proper validation of client data by the WEB application and can be exploited by an attacker to execute...