CVE-2016-1000216
Summary
| CVE | CVE-2016-1000216 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-10-10 20:59:00 UTC |
| Updated | 2017-07-07 01:29:00 UTC |
| Description | Ruckus Wireless H500 web management interface authenticated command injection |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Ruckus | Wireless H500 | - | All | All | All |
| Hardware | Ruckus | Wireless H500 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| RUCKUS ZoneFlex H500 CVE-2016-1000216 Command Injection Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| dudux / ruckus rootshell — Bitbucket | MISC | bitbucket.org | Exploit, Third Party Advisory |
| b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt | CONFIRM | b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com | |
| Finding Security Flaws in Enterprise-Class Hardware | MISC | www.tripwire.com | Technical Description, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Ruckus Wireless | 2017-06-28 | Hemant Bhatnagar | Update on vulnerabilities in Web GUI Interface on Ruckus Unmanaged-APs - CVE-2016-1000213, CVE-2016-1000214, CVE-2016-1000215, CVE-2016-1000216. <br /> https://www.ruckuswireless.com/security <br /> http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt |
There are currently no legacy QID mappings associated with this CVE.