CVE-2020-13915 Information

Description

Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110 E510 H320 H510 M510 R320 R310 R500 R510 R600 R610 R710 R720 R750 T300 T301n T301s T310c T310d T310n T310s T610 T710 and T710s devices.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

https://support.ruckuswireless.com/security_bulletins/304

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

7.5