Vulnerabilities > Ruckuswireless > Unleashed Firmware > 200.7.10.102.92
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-28 | CVE-2020-13919 | OS Command Injection vulnerability in Ruckuswireless Unleashed Firmware emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. | 7.5 |
| 2020-07-28 | CVE-2020-13918 | Information Exposure vulnerability in Ruckuswireless Unleashed Firmware Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. | 5.0 |
| 2020-07-28 | CVE-2020-13917 | OS Command Injection vulnerability in Ruckuswireless Unleashed Firmware rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. | 7.5 |
| 2020-07-28 | CVE-2020-13916 | Out-of-bounds Write vulnerability in Ruckuswireless Unleashed Firmware 200.7.10.102.92 A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. | 7.5 |
| 2020-07-28 | CVE-2020-13915 | Insufficiently Protected Credentials vulnerability in Ruckuswireless Unleashed Firmware Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. | 6.4 |
| 2020-07-28 | CVE-2020-13914 | Improper Input Validation vulnerability in Ruckuswireless Unleashed Firmware webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. | 5.0 |
| 2020-07-28 | CVE-2020-13913 | Cross-site Scripting vulnerability in Ruckuswireless Unleashed Firmware 200.7.10.102.92 An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. | 4.3 |