Vulnerabilities > CVE-2019-19840 - Out-of-bounds Write vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://alephsecurity.com/2020/01/14/ruckus-wireless
- https://alephsecurity.com/2020/01/14/ruckus-wireless
- https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html
- https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html
- https://www.ruckuswireless.com/security/299/view/txt
- https://www.ruckuswireless.com/security/299/view/txt