Vulnerabilities > Commscope > Ruckus Zoneflex R500 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-05 | CVE-2020-8830 | Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen. | 6.8 |
| 2020-05-05 | CVE-2020-8033 | Cross-site Scripting vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384 Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field. | 4.3 |
| 2020-05-05 | CVE-2020-7983 | Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384 A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks. | 5.8 |