Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruckuswireless unleashed vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-19834
Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows a remote malicious user to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
5
CVSSv2
CVE-2019-19835
SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
7.5
CVSSv2
CVE-2019-19836
AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
7.8
CVSSv2
CVE-2019-19837
Incorrect access control in the web interface in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
10
CVSSv2
CVE-2019-19839
emfd in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote malicious users to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
7.5
CVSSv2
CVE-2019-19840
A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed up to and including 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
10
CVSSv2
CVE-2019-19841
emfd in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote malicious users to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
10
CVSSv2
CVE-2019-19842
emfd in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote malicious users to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
7.5
CVSSv2
CVE-2019-19843
Incorrect access control in the web interface in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
10
CVSSv2
CVE-2019-19838
emfd in Ruckus Wireless Unleashed up to and including 200.7.10.102.64 allows remote malicious users to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.
Ruckuswireless Unleashed
Ruckuswireless Zonedirector 1200 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »