CVE-2020-22662

Published on: Not Yet Published

Last Modified on: 02/01/2023 09:34:00 PM UTC

CVE-2020-22662

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Certain versions of R310 from Ruckuswireless contain the following vulnerability:

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI.

CVE-2020-22662 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
NETWORK	LOW	NONE	NONE
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	NONE	HIGH	NONE

CVE References

Description	Tags ^ⓘ	Link
20200302 \| Security Bulletins \| Ruckus Wireless Support	support.ruckuswireless.com text/html	MISC support.ruckuswireless.com/security_bulletins/302

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

There are currently no QIDs associated with this CVE

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Ruckuswireless	R310	-	All	All	All
Operating System	Ruckuswireless	R310 Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	R500	-	All	All	All
Operating System	Ruckuswireless	R500 Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	R600	-	All	All	All
Operating System	Ruckuswireless	R600 Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	Scg200	-	All	All	All
Operating System	Ruckuswireless	Scg200 Firmware	All	All	All	All
Hardware	Ruckuswireless	Sz-100	-	All	All	All
Operating System	Ruckuswireless	Sz-100 Firmware	All	All	All	All
Hardware	Ruckuswireless	Sz-300	-	All	All	All
Operating System	Ruckuswireless	Sz-300 Firmware	All	All	All	All
Hardware	Ruckuswireless	T300	-	All	All	All
Operating System	Ruckuswireless	T300 Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	T301n	-	All	All	All
Operating System	Ruckuswireless	T301n Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	T301s	-	All	All	All
Operating System	Ruckuswireless	T301s Firmware	10.5.1.0.199	All	All	All
Hardware	Ruckuswireless	Vsz	-	All	All	All
Operating System	Ruckuswireless	Vsz Firmware	All	All	All	All
Hardware	Ruckuswireless	Zonedirector 1100	-	All	All	All
Operating System	Ruckuswireless	Zonedirector 1100 Firmware	9.10.2.0.130	All	All	All
Hardware	Ruckuswireless	Zonedirector 1200	-	All	All	All
Operating System	Ruckuswireless	Zonedirector 1200 Firmware	10.2.1.0.218	All	All	All
Hardware	Ruckuswireless	Zonedirector 3000	-	All	All	All
Operating System	Ruckuswireless	Zonedirector 3000 Firmware	10.2.1.0.218	All	All	All
Hardware	Ruckuswireless	Zonedirector 5000	-	All	All	All
Operating System	Ruckuswireless	Zonedirector 5000 Firmware	10.0.1.0.151	All	All	All

cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:*:
cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:*:
cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE