Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33217 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 9.0 HIGH | 8.8 HIGH |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root. | |||||
CVE-2021-33219 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts. | |||||
CVE-2021-33218 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access. | |||||
CVE-2021-33216 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account. | |||||
CVE-2021-33215 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 4.0 MEDIUM | 4.3 MEDIUM |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal. | |||||
CVE-2021-33220 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist. | |||||
CVE-2021-33221 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints. |