CVE-2020-13918 Information

Description

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110 E510 H320 H510 M510 R320 R310 R500 R510 R600 R610 R710 R720 R750 T300 T301n T301s T310c T310d T310n T310s T610 T710 and T710s devices.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://support.ruckuswireless.com/security_bulletins/304

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5