Vulnerability Details CVE-2021-36630
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.127
EPSS Ranking 93.6%
CVSS Severity
CVSS v3 Score 7.5
References
- http://ruckus.com
- http://smartzone-100.com
- https://anquan.baidu.com/article/1434
- https://github.com/lixiang957/CVE-2021-36630
- https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf
- https://www.freebuf.com/articles/web/260338.html
- http://ruckus.com
- http://smartzone-100.com
- https://anquan.baidu.com/article/1434
- https://github.com/lixiang957/CVE-2021-36630
- https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf
- https://www.freebuf.com/articles/web/260338.html
Products affected by CVE-2021-36630
-
cpe:2.3:h:ruckuswireless:sz-100:-
-
cpe:2.3:h:ruckuswireless:sz-144:-
-
cpe:2.3:h:ruckuswireless:sz-300:-
-
cpe:2.3:h:ruckuswireless:vsz:-
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.1
-
cpe:2.3:o:ruckuswireless:sz-144_firmware:-
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.1
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.1