Vulnerability Details CVE-2021-36630
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.399
EPSS Ranking 97.3%
CVSS Severity
CVSS v3 Score 7.5
References
- http://ruckus.com
- http://smartzone-100.com
- https://anquan.baidu.com/article/1434
- https://github.com/lixiang957/CVE-2021-36630
- https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf
- https://www.freebuf.com/articles/web/260338.html
- http://ruckus.com
- http://smartzone-100.com
- https://anquan.baidu.com/article/1434
- https://github.com/lixiang957/CVE-2021-36630
- https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf
- https://www.freebuf.com/articles/web/260338.html
Products affected by CVE-2021-36630
-
cpe:2.3:h:ruckuswireless:sz-100:-
-
cpe:2.3:h:ruckuswireless:sz-144:-
-
cpe:2.3:h:ruckuswireless:sz-300:-
-
cpe:2.3:h:ruckuswireless:vsz:-
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.1
-
cpe:2.3:o:ruckuswireless:sz-144_firmware:-
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.1
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.0
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.1
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.0
-
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.1