CVE-2020-22662
Summary
| CVE | CVE-2020-22662 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-01-20 19:15:00 UTC |
| Updated | 2023-02-01 21:34:00 UTC |
| Description | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI. |
Risk And Classification
Problem Types: CWE-77
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Ruckuswireless | R310 | - | All | All | All |
| Operating System | Ruckuswireless | R310 Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | R500 | - | All | All | All |
| Operating System | Ruckuswireless | R500 Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | R600 | - | All | All | All |
| Operating System | Ruckuswireless | R600 Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | Scg200 | - | All | All | All |
| Operating System | Ruckuswireless | Scg200 Firmware | All | All | All | All |
| Hardware | Ruckuswireless | Sz-100 | - | All | All | All |
| Operating System | Ruckuswireless | Sz-100 Firmware | All | All | All | All |
| Hardware | Ruckuswireless | Sz-300 | - | All | All | All |
| Operating System | Ruckuswireless | Sz-300 Firmware | All | All | All | All |
| Hardware | Ruckuswireless | T300 | - | All | All | All |
| Operating System | Ruckuswireless | T300 Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | T301n | - | All | All | All |
| Operating System | Ruckuswireless | T301n Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | T301s | - | All | All | All |
| Operating System | Ruckuswireless | T301s Firmware | 10.5.1.0.199 | All | All | All |
| Hardware | Ruckuswireless | Vsz | - | All | All | All |
| Operating System | Ruckuswireless | Vsz Firmware | All | All | All | All |
| Hardware | Ruckuswireless | Zonedirector 1100 | - | All | All | All |
| Operating System | Ruckuswireless | Zonedirector 1100 Firmware | 9.10.2.0.130 | All | All | All |
| Hardware | Ruckuswireless | Zonedirector 1200 | - | All | All | All |
| Operating System | Ruckuswireless | Zonedirector 1200 Firmware | 10.2.1.0.218 | All | All | All |
| Hardware | Ruckuswireless | Zonedirector 3000 | - | All | All | All |
| Operating System | Ruckuswireless | Zonedirector 3000 Firmware | 10.2.1.0.218 | All | All | All |
| Hardware | Ruckuswireless | Zonedirector 5000 | - | All | All | All |
| Operating System | Ruckuswireless | Zonedirector 5000 Firmware | 10.0.1.0.151 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 20200302 | Security Bulletins | Ruckus Wireless Support | MISC | support.ruckuswireless.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.