CVE-2021-36630
https://notcve.org/view.php?id=CVE-2021-36630
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request. Vulnerabilidad de amplificación de reflexión DDOS en el módulo eAut del controlador Ruckus Wireless SmartZone que permite a atacantes remotos realizar ataques DOS a través de una solicitud manipulada. • https://github.com/lixiang957/CVE-2021-36630 http://ruckus.com http://smartzone-100.com https://anquan.baidu.com/article/1434 https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf https://www.freebuf.com/articles/web/260338.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2018-11036
https://notcve.org/view.php?id=CVE-2018-11036
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data. Ruckus SmartZone (anteriormente Virtual SmartCell Gateway o vSCG) 3.5.0, 3.5.1, 3.6.0 y 3.6.1 (Essentials y High Scale) en dispositivos vSZ, SZ-100, SZ-300 y SCG-200 permite a los atacantes remotos obtener información sensible o modificar datos. • https://www.ruckuswireless.com/security/279/view/txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •