Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CommScope Ruckus IoT Controller 缓冲区错误漏洞
Vulnerability Description
Commscope CommScope Ruckus IoT Controller是美国康普(Commscope)公司的一款物联网控制器。与SmartZone控制器集成的虚拟控制器,可为非Wi-Fi设备执行连接,设备和安全管理功能。 CommScope Ruckus IoT Controller 1.7.1.0 版本及之前版本的Web应用中的NodeJS 模块 node-red 组件存在缓冲区错误漏洞,该漏洞源于允许用户读取或写入物联网控制器上的本地文件。攻击者可通过 Web 应用程序提升运行权限,允许读
CVSS Information
N/A
Vulnerability Type
N/A