Filtered by vendor Commscope
Subscriptions
Filtered by product Ruckus Iot Module
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26878 | 1 Commscope | 2 Ruckus Iot Module, Ruckus Vriot | 2024-08-04 | 8.8 High |
| Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py. | ||||
| CVE-2020-26879 | 1 Commscope | 2 Ruckus Iot Module, Ruckus Vriot | 2024-08-04 | 9.8 Critical |
| Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header. | ||||
Page 1 of 1.