Three API endpoints for the IoT Controller are accessible without authentication Two of the endpoints result in information leakage and consumption of computing/storage resources The third API endpoint that does not require authentication allows for a factory reset of the IoT Controller ...
<!--X-Body-Begin-->
<!--X-User-Header-->
Full Disclosure
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
KL-001-2021-001: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
<!--X-Subject-Header-End-->
<!--X-Head- ...