Vulnerabilities > Ruckuswireless > Unleashed Firmware > 200.7.10.102.92

DATE CVE VULNERABILITY TITLE RISK
2020-07-28 CVE-2020-13919 Command Injection vulnerability in Ruckuswireless Unleashed Firmware
emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request.
network
low complexity
ruckuswireless CWE-77
critical
 9.8
9.8
2020-07-28 CVE-2020-13918 Unspecified vulnerability in Ruckuswireless Unleashed Firmware
Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request.
network
low complexity
ruckuswireless
7.5
7.5
2020-07-28 CVE-2020-13917 Command Injection vulnerability in Ruckuswireless Unleashed Firmware
rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command.
network
low complexity
ruckuswireless CWE-77
critical
 9.8
9.8
2020-07-28 CVE-2020-13916 Out-of-bounds Write vulnerability in Ruckuswireless Unleashed Firmware
A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request.
network
low complexity
ruckuswireless CWE-787
critical
 9.8
9.8
2020-07-28 CVE-2020-13915 Incorrect Permission Assignment for Critical Resource vulnerability in Ruckuswireless Unleashed Firmware
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request.
network
low complexity
ruckuswireless CWE-732
7.5
7.5
2020-07-28 CVE-2020-13914 Unspecified vulnerability in Ruckuswireless Unleashed Firmware
webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request.
network
low complexity
ruckuswireless
7.5
7.5
2020-07-28 CVE-2020-13913 Cross-site Scripting vulnerability in Ruckuswireless Unleashed Firmware
An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request.
network
low complexity
ruckuswireless CWE-79
6.1
6.1