Vulnerability Details CVE-2020-13918
Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-13918
-
cpe:2.3:h:ruckuswireless:c110:-
-
cpe:2.3:h:ruckuswireless:e510:-
-
cpe:2.3:h:ruckuswireless:h320:-
-
cpe:2.3:h:ruckuswireless:h510:-
-
cpe:2.3:h:ruckuswireless:m510:-
-
cpe:2.3:h:ruckuswireless:r310:-
-
cpe:2.3:h:ruckuswireless:r320:-
-
cpe:2.3:h:ruckuswireless:r500:-
-
cpe:2.3:h:ruckuswireless:r510:-
-
cpe:2.3:h:ruckuswireless:r600:-
-
cpe:2.3:h:ruckuswireless:r610:-
-
cpe:2.3:h:ruckuswireless:r710:-
-
cpe:2.3:h:ruckuswireless:r720:-
-
cpe:2.3:h:ruckuswireless:r750:-
-
cpe:2.3:h:ruckuswireless:t300:-
-
cpe:2.3:h:ruckuswireless:t301n:-
-
cpe:2.3:h:ruckuswireless:t301s:-
-
cpe:2.3:h:ruckuswireless:t310c:-
-
cpe:2.3:h:ruckuswireless:t310d:-
-
cpe:2.3:h:ruckuswireless:t310n:-
-
cpe:2.3:h:ruckuswireless:t310s:-
-
cpe:2.3:h:ruckuswireless:t610:-
-
cpe:2.3:h:ruckuswireless:t710:-
-
cpe:2.3:h:ruckuswireless:t710s:-
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.1
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.1.9.12.55
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.3
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.3.9.13.228
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.4.9.13
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.4.9.13.47
-
cpe:2.3:o:ruckuswireless:unleashed_firmware:200.7.10.102.92