CVE-2020-13915
https://notcve.org/view.php?id=CVE-2020-13915
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. Los permisos no seguros en emfd/libemf en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permiten a un atacante remoto sobrescribir las credenciales de administrador por medio de una petición HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710 • https://support.ruckuswireless.com/security_bulletins/304 • CWE-522: Insufficiently Protected Credentials CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-13914
https://notcve.org/view.php?id=CVE-2020-13914
webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. webs en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92 permite a un atacante remoto causar una denegación de servicio (error de segmentación) en el servidor web por medio de una petición HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710 • https://support.ruckuswireless.com/security_bulletins/304 •
CVE-2020-13913
https://notcve.org/view.php?id=CVE-2020-13913
An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. Un problema de tipo XSS en emfd en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permite a un atacante remoto ejecutar código JavaScript por medio de una petición HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710 • https://support.ruckuswireless.com/security_bulletins/304 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •