CVE-2019-19843
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.
Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite la extracción de credenciales remota por medio de una petición HTTP no autenticada que involucra un enlace simbólico con /tmp y web/user/wps_tool_cache.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-12-17 CVE Reserved
- 2020-01-22 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-09-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-522: Insufficiently Protected Credentials
- CWE-552: Files or Directories Accessible to External Parties
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://alephsecurity.com/2020/01/14/ruckus-wireless | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.ruckuswireless.com/security/299/view/txt | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | C110 Search vendor "Ruckuswireless" for product "C110" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | E510 Search vendor "Ruckuswireless" for product "E510" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | H320 Search vendor "Ruckuswireless" for product "H320" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | H510 Search vendor "Ruckuswireless" for product "H510" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | M510 Search vendor "Ruckuswireless" for product "M510" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R310 Search vendor "Ruckuswireless" for product "R310" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R320 Search vendor "Ruckuswireless" for product "R320" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R510 Search vendor "Ruckuswireless" for product "R510" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R610 Search vendor "Ruckuswireless" for product "R610" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R710 Search vendor "Ruckuswireless" for product "R710" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | R720 Search vendor "Ruckuswireless" for product "R720" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | T310 Search vendor "Ruckuswireless" for product "T310" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | T610 Search vendor "Ruckuswireless" for product "T610" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Unleashed Search vendor "Ruckuswireless" for product "Unleashed" | < 200.7.10.202.94 Search vendor "Ruckuswireless" for product "Unleashed" and version " < 200.7.10.202.94" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | T710 Search vendor "Ruckuswireless" for product "T710" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | < 9.10.2.0.84 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " < 9.10.2.0.84" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | >= 9.12.0 < 9.12.3.0.136 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " >= 9.12.0 < 9.12.3.0.136" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | >= 9.13.0 < 10.0.1.0.90 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " >= 9.13.0 < 10.0.1.0.90" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | >= 10.1.0 < 10.1.2.0.275 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " >= 10.1.0 < 10.1.2.0.275" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | >= 10.2.0 < 10.2.1.0.147 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " >= 10.2.0 < 10.2.1.0.147" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|
| Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Firmware Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" | >= 10.3.0 < 10.3.1.0.21 Search vendor "Ruckuswireless" for product "Zonedirector 1200 Firmware" and version " >= 10.3.0 < 10.3.1.0.21" | - |
Affected
| in | Ruckuswireless Search vendor "Ruckuswireless" | Zonedirector 1200 Search vendor "Ruckuswireless" for product "Zonedirector 1200" | - | - |
Safe
|