Ruckuswireless R320

19 CVEs affecting Ruckuswireless R320. Latest disclosed: 2023-12-07. Critical: 11, High: 5.

Top CVEs affecting Ruckuswireless R320
CVESeverityScorePublishedSummary
CVE-2023-25717Critical9.82023-02-13Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=adm…
CVE-2020-13919Critical9.82020-07-28emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects…
CVE-2020-13917Critical9.82020-07-28rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command…
CVE-2020-13916Critical9.82020-07-28A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HT…
CVE-2019-19839Critical9.82020-01-23emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-cate…
CVE-2019-19838Critical9.82020-01-23emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platfor…
CVE-2019-19842Critical9.82020-01-22emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-ana…
CVE-2019-19841Critical9.82020-01-22emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capt…
CVE-2019-19840Critical9.82020-01-22A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated…
CVE-2019-19843Critical9.82020-01-22Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP r…
CVE-2019-19836Critical9.82020-01-22AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp…
CVE-2020-13918High7.52020-07-28Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for…
CVE-2020-13915High7.52020-07-28Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthen…
CVE-2020-13914High7.52020-07-28webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an un…
CVE-2019-19835High7.52020-01-23SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the too…
CVE-2019-19834High7.22020-01-22Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script…
CVE-2023-49225Medium6.12023-12-07A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbi…
CVE-2020-13913Medium6.12020-07-28An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HT…
CVE-2019-19837Medium5.32020-01-23Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTT…