Commscope

Ruckus Iot Controller

7 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2021-33217

  • EPSS 0.48%
  • Published 07.07.2021 15:15:09
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.

10

CVE-2021-33218

  • EPSS 1.25%
  • Published 07.07.2021 15:15:09
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.

9.8

CVE-2021-33219

  • EPSS 0.71%
  • Published 07.07.2021 15:15:09
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.

7.8

CVE-2021-33220

  • EPSS 0.05%
  • Published 07.07.2021 15:15:09
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.

9.8

CVE-2021-33221

Exploit
  • EPSS 90.2%
  • Published 07.07.2021 15:15:09
  • Last modified 21.11.2024 06:08:33

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.

4.3

CVE-2021-33215

  • EPSS 0.13%
  • Published 07.07.2021 15:15:08
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.

9.8

CVE-2021-33216

  • EPSS 17.6%
  • Published 07.07.2021 15:15:08
  • Last modified 21.11.2024 06:08:32

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.