National Cyber Warfare Foundation (NCWF) Forums


CVE-2020-26878


0 user ratings
2020-10-26 22:31:19
milo
CVEs
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.

CVE-2020-26878
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26878
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
2020-10-26T20:15:14Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26878


Comments
new comment
Nobody has commented yet. Will you be the first?
 
return to home



Copyright 2012 through 2020 - National Cyber Warfare Foundation - All rights reserved worldwide.