CommScope Ruckus ZoneFlex R500 Cross-Site Request Forgery Vulnerability

CommScope Ruckus ZoneFlex R500 is a wireless access point product from CommScope, Inc. A cross-site request forgery vulnerability exists in the login.asp page in the CommScope Ruckus ZoneFlex R500. An attacker could exploit this vulnerability to perform a crawl or other analysis with the SUBCA-1...

Cross site request forgery (csrf)

CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen...