Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `stamgr_cfg_adpt_addStaIot` pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sending a crafted request to the authenticated endpoint `/admin/_conf.jsp`, or without authentication and without direct network access to the controller by spoofing the MAC address of a favourite station and embedding malicious format specifiers in the DHCP hostname field, resulting in unauthenticated format-string processing and arbitrary code execution on the controller.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CommScope Ruckus Unleashed 安全漏洞
Vulnerability Description
CommScope Ruckus Unleashed是美国CommScope公司的一款无线路由器。 CommScope Ruckus Unleashed 200.15.6.212.14和200.17.7.0.139之前版本存在安全漏洞,该漏洞源于格式字符串处理不当,可能导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A