CVE-2013-5030
Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructing a crafted URI after receiving an authentication error for an arbitrary login attempt.
Los dispositivos Ruckus Wireless Zoneflex con firmware 9.6.0.0.267 permite a atacantes remotos evadir la autenticación, y posteriormente acceder a los scripts configuration/ y maintenance/, mediante la construcción de un URI diseñado después de recibir un error de autenticación por un intento arbitrario de inicio de sesión.
Ruckus Wireless Zoneflex 2942 wireless access point suffers from an authentication bypass vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-07-31 CVE Reserved
- 2013-10-16 CVE Published
- 2013-11-19 First Exploit
- 2024-09-17 CVE Updated
- 2024-11-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.kb.cert.org/vuls/id/742932 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/29709 | 2013-11-19 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ruckuswireless Search vendor "Ruckuswireless" | Zoneflex 2942 Firmware Search vendor "Ruckuswireless" for product "Zoneflex 2942 Firmware" | 9.6.0.0.267 Search vendor "Ruckuswireless" for product "Zoneflex 2942 Firmware" and version "9.6.0.0.267" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zoneflex 2942 Search vendor "Ruckuswireless" for product "Zoneflex 2942" | - | - |
Affected
|