Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ruckus Networks Ruckus IoT 注入漏洞
Vulnerability Description
Ruckus Networks Ruckus IoT是美国Ruckus Networks公司的一个应用于连接 Ruckus IoT-Ready AP 的设备。该设备可作为物联网设备端点连接控制器。 Ruckus Networks Ruckus 1.5.1.0.21 之前版本存在注入漏洞,该漏洞使经过身份验证的用户可以向API (/service/v1/createUser endpoint)提交查询,注入任意命令以root用户身份进行执行。
CVSS Information
N/A
Vulnerability Type
N/A