Ruckuswireless R510
20 CVEs affecting Ruckuswireless R510. Latest disclosed: 2023-12-07. Critical: 11, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25717 | Critical | 9.8 | 2023-02-13 | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=adm… |
CVE-2020-13919 | Critical | 9.8 | 2020-07-28 | emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects… |
CVE-2020-13917 | Critical | 9.8 | 2020-07-28 | rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command… |
CVE-2020-13916 | Critical | 9.8 | 2020-07-28 | A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HT… |
CVE-2019-19839 | Critical | 9.8 | 2020-01-23 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-cate… |
CVE-2019-19838 | Critical | 9.8 | 2020-01-23 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platfor… |
CVE-2019-19842 | Critical | 9.8 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-ana… |
CVE-2019-19841 | Critical | 9.8 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capt… |
CVE-2019-19840 | Critical | 9.8 | 2020-01-22 | A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated… |
CVE-2019-19843 | Critical | 9.8 | 2020-01-22 | Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP r… |
CVE-2019-19836 | Critical | 9.8 | 2020-01-22 | AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp… |
CVE-2017-6229 | High | 8.8 | 2018-02-14 | Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13… |
CVE-2020-13918 | High | 7.5 | 2020-07-28 | Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for… |
CVE-2020-13915 | High | 7.5 | 2020-07-28 | Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthen… |
CVE-2020-13914 | High | 7.5 | 2020-07-28 | webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an un… |
CVE-2019-19835 | High | 7.5 | 2020-01-23 | SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the too… |
CVE-2019-19834 | High | 7.2 | 2020-01-22 | Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script… |
CVE-2023-49225 | Medium | 6.1 | 2023-12-07 | A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbi… |
CVE-2020-13913 | Medium | 6.1 | 2020-07-28 | An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HT… |
CVE-2019-19837 | Medium | 5.3 | 2020-01-23 | Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTT… |