An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
commscope ruckus iot controller |